Uppy

uppy

Vendor: Transloadit • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-0528 1Transloadit 1Uppy Feb 24, 2026 Mar 3, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Server-Side Request Forgery (SSRF) in GitHub repository transloadit/uppy prior to 3.3.1.
CVE-2022-0086 1Transloadit 1Uppy Nov 21, 2024 Jan 4, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 uppy is vulnerable to Server-Side Request Forgery (SSRF)
CVE-2020-8205 1Transloadit 1Uppy Nov 21, 2024 Jul 20, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The uppy npm package < 1.13.2 and < 2.0.0-alpha.5 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external networks or otherwise interact with internal syste...Show more The uppy npm package < 1.13.2 and < 2.0.0-alpha.5 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external networks or otherwise interact with internal systems.Show less