Skip to main content

Uppy

4 CVEs product

Monthly

CVE-2022-0528 npm HIGH POC PATCH This Week

Server-Side Request Forgery (SSRF) in GitHub repository transloadit/uppy prior to 3.3.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SSRF Uppy
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-0086 npm CRITICAL POC PATCH Act Now

uppy is vulnerable to Server-Side Request Forgery (SSRF). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SSRF Uppy
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2020-8205 npm HIGH POC PATCH This Week

The uppy npm package < 1.13.2 and < 2.0.0-alpha.5 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external networks or otherwise. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Node.js SSRF Uppy
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2020-8135 npm CRITICAL POC PATCH Act Now

The uppy npm package < 1.9.3 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external network or otherwise interact with internal. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Node.js SSRF Uppy
NVD
CVSS 3.1
9.8
EPSS
1.3%
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

Server-Side Request Forgery (SSRF) in GitHub repository transloadit/uppy prior to 3.3.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SSRF Uppy
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

uppy is vulnerable to Server-Side Request Forgery (SSRF). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SSRF Uppy
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

The uppy npm package < 1.13.2 and < 2.0.0-alpha.5 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external networks or otherwise. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Node.js SSRF Uppy
NVD
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

The uppy npm package < 1.9.3 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external network or otherwise interact with internal. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Node.js SSRF Uppy
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy