CVE-2020-8135

Summary

The uppy npm package < 1.9.3 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external network or otherwise interact with internal systems.

Affected Software

VendorProductVersion RangeStatus
n/auppyFixed Version: 1.9.3affected

Weaknesses

  • CWE-918: Server-Side Request Forgery (SSRF) (CWE-918)

ADP Enrichment

CVE Program Container

Additional References

References