Open Redirect in Withastro Astro
CVE-2025-55207
Astro is a web framework for content-driven websites. Following CVE-2025-54793, there is still an Open Redirect vulnerability in a subset of Astro deployment scenarios prior to version 9.4.1. Astro 5.12.8 addressed CVE-2025-54793 where https…
Vulnerability class: Open Redirect
EPSS: 0.005 (41.0th percentile)
Affected products
- Withastro Astro — versions < 9.4.1
Weakness classification (CWE)
Public proof-of-concept exploits
References
- security-advisories@github.com (x_refsource_CONFIRM)
- security-advisories@github.com (x_refsource_MISC)
Frequently asked questions
- What is CVE-2025-55207?
- CVE-2025-55207 is a vulnerability in Withastro Astro, classified under URL Redirection to Untrusted Site (Open Redirect). Published 2025-08-15.
- Is CVE-2025-55207 known to be exploited?
- 1 public proof-of-concept repository is indexed. Not currently listed in the CISA KEV catalog.