VYPR

Uppy

by Transloadit

Source repositories

CVEs (3)

  • CVE-2025-70023CriApr 14, 2026
    risk 0.64cvss 9.8epss 0.00

    An issue pertaining to CWE-843: Access of Resource Using Incompatible Type was discovered in transloadit uppy v0.25.6.

  • CVE-2020-8205Jul 20, 2020
    risk 0.00cvss epss 0.01

    The uppy npm package < 1.13.2 and < 2.0.0-alpha.5 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external networks or otherwise interact with internal systems.

  • CVE-2020-8135Mar 20, 2020
    risk 0.00cvss epss 0.01

    The uppy npm package < 1.9.3 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external network or otherwise interact with internal systems.