6 matches found
EUVD-2020-0606
Malware in sbrugna...
EUVD-2020-1181
Malware in sbrugna...
CVE-2020-8205
The uppy npm package 1.13.2 and 2.0.0-alpha.5 is vulnerable to a Server-Side Request Forgery SSRF vulnerability, which allows an attacker to scan local or external networks or otherwise interact with internal systems...
Server side request forgery (ssrf)
The uppy npm package 1.13.2 and 2.0.0-alpha.5 is vulnerable to a Server-Side Request Forgery SSRF vulnerability, which allows an attacker to scan local or external networks or otherwise interact with internal systems...
CVE-2020-8135
CVE-2020-8135 affects the uppy npm package prior to 1.9.3, where the SSRF flaw exists in the server-side handling. The root cause is the get route passing a user-controlled req.body.url to a GET request without sanitization, enabling an attacker to cause local or external network interactions. Af...
CVE-2020-8135
The uppy npm package 1.9.3 is vulnerable to a Server-Side Request Forgery SSRF vulnerability, which allows an attacker to scan local or external network or otherwise interact with internal systems. Recent assessments: ericalexanderorg at March 21, 2020 1:52pm UTC reported: SSRF in npm package...