VYPR

npm package

@astrojs/vercel

pkg:npm/%40astrojs/vercel

Vulnerabilities (1)

  • CVE-2026-33768Mar 24, 2026
    affected < 10.0.2fixed 10.0.2

    Astro is a web framework. Prior to version 10.0.2, the @astrojs/vercel serverless entrypoint reads the x-astro-path header and x_astro_path query parameter to rewrite the internal request path, with no authentication whatsoever. On deployments without Edge Middleware, this lets a