VYPR

npm package

@uppy/companion

pkg:npm/%40uppy/companion

Vulnerabilities (4)

  • CVE-2022-0528Mar 3, 2022
    affected < 3.3.1fixed 3.3.1

    Server-Side Request Forgery (SSRF) in GitHub repository transloadit/uppy prior to 3.3.1.

  • CVE-2022-0086Jan 4, 2022
    affected < 3.1.5fixed 3.1.5

    uppy is vulnerable to Server-Side Request Forgery (SSRF)

  • CVE-2020-8205Jul 20, 2020
    affected < 1.13.2fixed 1.13.2

    The uppy npm package < 1.13.2 and < 2.0.0-alpha.5 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external networks or otherwise interact with internal systems.

  • CVE-2020-8135Mar 20, 2020
    affected < 1.9.3fixed 1.9.3

    The uppy npm package < 1.9.3 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external network or otherwise interact with internal systems.