Impact
The vulnerability arises when the @astrojs/netlify adapter translates Astro image.remotePatterns into Netlify Image CDN regular expressions with broader semantics than intended. A single wildcard hostname such as *.example.com is expanded to a regex whose subdomain part is optional, so the apex host example.com also matches, and a single wildcard pathname such as /ok/* is converted without an end anchor, so deeper paths match by prefix. This over-broadening lets an attacker make the CDN request URLs that fall outside the originally intended scope, potentially enabling server-side request forgery (SSRF) or exposing internal resources. The impact is a loss of confidentiality and integrity for internal hosts reachable through the CDN, and could also produce a denial-of-service effect if the CDN is overwhelmed with unintended requests.
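The two translation defects described above, as an added illustration that is not the adapter's own code: a toy remotePatterns-to-regex translator in the over-broad form the advisory describes beside a corrected form, so the apex-host and prefix-path matches can be checked directly. The wildcard semantics (a single `*` matches exactly one hostname label or one path segment, `**` any number) and every function name here are assumptions.

```javascript
// Escape regex metacharacters in a literal hostname label or path segment.
function escapeRegex(s) {
  return s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
}

// Translate a hostname pattern such as "*.example.com" into an anchored regex.
// optionalSubdomain=true reproduces the over-broad behaviour: the leading "*."
// becomes an optional group, so the apex "example.com" matches as well.
function hostnameRegex(pattern, optionalSubdomain) {
  const labels = pattern
    .split(".")
    .map((l) => (l === "*" ? "[^.]+" : l === "**" ? ".*" : escapeRegex(l)));
  let src = labels.join("\\.");
  if (pattern.startsWith("*.") && optionalSubdomain) {
    src = "(?:[^.]+\\.)?" + labels.slice(1).join("\\.");
  }
  return new RegExp("^" + src + "$", "i");
}

// Translate a pathname pattern such as "/ok/*" into a regex.
// anchorEnd=false reproduces the over-broad behaviour: without "$",
// "/ok/a/b/c" matches "/ok/*" by prefix.
function pathnameRegex(pattern, anchorEnd) {
  const segs = pattern
    .split("/")
    .map((s) => (s === "*" ? "[^/]+" : s === "**" ? ".*" : escapeRegex(s)));
  return new RegExp("^" + segs.join("/") + (anchorEnd ? "$" : ""));
}

// Decide whether a candidate image URL is allowed by one remotePatterns entry,
// using either the flawed or the corrected translation.
function allowedBy(entry, url, { flawed }) {
  const u = new URL(url);
  if (entry.protocol && u.protocol !== entry.protocol + ":") return false;
  const hostOk = hostnameRegex(entry.hostname, flawed).test(u.hostname);
  const pathOk = entry.pathname
    ? pathnameRegex(entry.pathname, !flawed).test(u.pathname)
    : true;
  return hostOk && pathOk;
}

// Constructed sample entry in Astro's remotePatterns shape.
const ENTRY = { protocol: "https", hostname: "*.example.com", pathname: "/ok/*" };
```

With the flawed translation, `https://example.com/ok/a` and `https://cdn.example.com/ok/a/b/c` are both accepted; with the corrected one only `https://cdn.example.com/ok/a` is.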
Affected Systems
Astro sites that use the withastro:astro product, specifically those deploying via the @astrojs/netlify adapter prior to version 7.0.13. The vulnerability exists in any instance of the adapter that has not been upgraded to a patched version, regardless of the host or path patterns configured.
Risk and Exploitability
The CVSS score of 5.3 indicates moderate severity. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog, suggesting it is not among the most actively exploited flaws. Exploitation does not require privileged access; an attacker only needs to supply a crafted image URL that matches a broadened remotePattern. Because the adapter applies these patterns during site deployment or runtime request handling, the barrier to attack is relatively low. Consequently, the risk is moderate, with a measurable but not high likelihood of exploitation given current reporting and detection capabilities.
OpenCVE Enrichment
Github GHSA