CVE-2025-70023

An issue pertaining to CWE-843: Access of Resource Using Incompatible Type was discovered in transloadit uppy v0.25.6...

EUVD-2025-209459

An issue pertaining to CWE-843: Access of Resource Using Incompatible Type was discovered in transloadit uppy v0.25.6...

CVE-2025-70023

An issue pertaining to CWE-843: Access of Resource Using Incompatible Type was discovered in transloadit uppy v0.25.6...

CVE-2025-70023

CVE-2025-70023 affects transloadit uppy v0.25.6. The issue is CWE-843: Access of Resource Using Incompatible Type, caused by a type/resource access mismatch in the vulnerable component. CVSSv3.1 base score is 9.8 (CRITICAL) with network attack vector, no privileges required, no user interaction, ...

CVE-2025-70023

An issue pertaining to CWE-843: Access of Resource Using Incompatible Type was discovered in transloadit uppy v0.25.6...

CVE-2025-70023

An issue pertaining to CWE-843: Access of Resource Using Incompatible Type was discovered in transloadit uppy v0.25.6...

PT-2026-32713

CVE-2025-70023 An issue pertaining to CWE-843: Access of Resource Using Incompatible Type was discovered in transloadit uppy v0.25.6. https://t.co/J2hAQYnqKw...

Uppy 安全漏洞

Uppy is an open-source file uploader developed by Transloadit, designed for web browsers. Version 0.25.6 of Uppy contains a security vulnerability, which stems from the use of incompatible types to access resources...

CVE-2022-0528

Server-Side Request Forgery SSRF in GitHub repository transloadit/uppy prior to 3.3.1...

EUVD-2022-1506

Malicious code in bioql PyPI...

Uppy Access Control Error Vulnerability

Uppy is a Transloadit open source open source file uploader for web browsers. versions prior to Uppy 3.3.1 contain an access control error vulnerability that stems from a network system or product that does not properly restrict access to resources from unauthorized roles. An unauthorized attacke...

CVE-2022-0528

Server-Side Request Forgery SSRF in GitHub repository transloadit/uppy prior to 3.3.1...

Server side request forgery (ssrf)

Server-Side Request Forgery SSRF in GitHub repository transloadit/uppy prior to 3.3.1...

CVE-2022-0528 Server-Side Request Forgery (SSRF) in transloadit/uppy

Server-Side Request Forgery SSRF in GitHub repository transloadit/uppy prior to 3.3.1...

CVE-2022-0528

CVE-2022-0528 is a Server-Side Request Forgery (SSRF) in transloadit/uppy and @uppy/companion prior to 3.3.1. The underlying issue is an access control error that could allow an unauthorized attacker to access sensitive information from GitHub repositories and, under certain conditions, enumerate...

CVE-2022-0086 Server-Side Request Forgery (SSRF) in transloadit/uppy

uppy is vulnerable to Server-Side Request Forgery SSRF...

Coursera: Stored XSS via transloadit.com and imageproxy

Hello, due to poor input file validation on transloadit.com, it is possible to upload and process any filetype on their server, which would later be uploaded to coursera-profile-photos.s3.amazonaws.com. From there, since imageproxy trusts coursera-profile-photos.s3.amazonaws.com, one can fetch...