Transloadit: Security Vulnerabilities
Server-Side Request Forgery (SSRF) in GitHub repository transloadit/uppy prior to 3.3.1.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-03-03
uppy is vulnerable to Server-Side Request Forgery (SSRF)
CVSS Score
8.2
EPSS Score
0.003
Published
2022-01-04
The client in tusdotnet through 2.5.0 relies on SHA-1 to prevent spoofing of file content.
CVSS Score
7.5
EPSS Score
0.001
Published
2021-11-22
The uppy npm package < 1.13.2 and < 2.0.0-alpha.5 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external networks or otherwise interact with internal systems.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-07-20