npm package
@uppy/companion
pkg:npm/%40uppy/companion
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-0528 | — | < 3.3.1 | 3.3.1 | Mar 3, 2022 | Server-Side Request Forgery (SSRF) in GitHub repository transloadit/uppy prior to 3.3.1. | ||
| CVE-2022-0086 | — | < 3.1.5 | 3.1.5 | Jan 4, 2022 | uppy is vulnerable to Server-Side Request Forgery (SSRF) | ||
| CVE-2020-8205 | — | < 1.13.2 | 1.13.2 | Jul 20, 2020 | The uppy npm package < 1.13.2 and < 2.0.0-alpha.5 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external networks or otherwise interact with internal systems. | ||
| CVE-2020-8135 | — | < 1.9.3 | 1.9.3 | Mar 20, 2020 | The uppy npm package < 1.9.3 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external network or otherwise interact with internal systems. |
- CVE-2022-0528Mar 3, 2022affected < 3.3.1fixed 3.3.1
Server-Side Request Forgery (SSRF) in GitHub repository transloadit/uppy prior to 3.3.1.
- CVE-2022-0086Jan 4, 2022affected < 3.1.5fixed 3.1.5
uppy is vulnerable to Server-Side Request Forgery (SSRF)
- CVE-2020-8205Jul 20, 2020affected < 1.13.2fixed 1.13.2
The uppy npm package < 1.13.2 and < 2.0.0-alpha.5 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external networks or otherwise interact with internal systems.
- CVE-2020-8135Mar 20, 2020affected < 1.9.3fixed 1.9.3
The uppy npm package < 1.9.3 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external network or otherwise interact with internal systems.