The uppy npm package < 1.13.2 and < 2.0.0-alpha.5 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external networks or otherwise interact with internal systems.
CPE | Name | Operator | Version |
---|---|---|---|
uppy | eq | 2.0.0 alpha1 | |
uppy | eq | 2.0.0 alpha2 | |
uppy | eq | 2.0.0 alpha3 | |
uppy | eq | 2.0.0 alpha4 | |
uppy | eq | 2.0.0 alpha0 | |
uppy | lt | 1.13.2 |