Transloadit

transloadit

4 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-0528 1Transloadit 1Uppy Feb 24, 2026 Mar 3, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Server-Side Request Forgery (SSRF) in GitHub repository transloadit/uppy prior to 3.3.1.
CVE-2022-0086 1Transloadit 1Uppy Nov 21, 2024 Jan 4, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 uppy is vulnerable to Server-Side Request Forgery (SSRF)
CVE-2021-44150 1Transloadit 1Tusdotnet Nov 21, 2024 Nov 22, 2021 N/A· v4 7.5 HIGH· v3 4.3 MEDIUM· v2 The client in tusdotnet through 2.5.0 relies on SHA-1 to prevent spoofing of file content.
CVE-2020-8205 1Transloadit 1Uppy Nov 21, 2024 Jul 20, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The uppy npm package < 1.13.2 and < 2.0.0-alpha.5 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external networks or otherwise interact with internal syste...Show more The uppy npm package < 1.13.2 and < 2.0.0-alpha.5 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external networks or otherwise interact with internal systems.Show less