Vulnerabilities (CVE)

Filtered by vendor Transloadit Subscribe
Filtered by product Uppy
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-0528 1 Transloadit 1 Uppy 2024-11-21 5.0 MEDIUM 6.5 MEDIUM
Server-Side Request Forgery (SSRF) in GitHub repository transloadit/uppy prior to 3.3.1.
CVE-2022-0086 1 Transloadit 1 Uppy 2024-11-21 7.5 HIGH 9.8 CRITICAL
uppy is vulnerable to Server-Side Request Forgery (SSRF)
CVE-2020-8205 1 Transloadit 1 Uppy 2024-11-21 5.0 MEDIUM 7.5 HIGH
The uppy npm package < 1.13.2 and < 2.0.0-alpha.5 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external networks or otherwise interact with internal systems.