CVE-2020-8205

Summary

The uppy npm package < 1.13.2 and < 2.0.0-alpha.5 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external networks or otherwise interact with internal systems.

Affected Software

VendorProductVersion RangeStatus
n/auppyFixed Versions: 1.13.2, 2.0.0-alpha.5affected

Weaknesses

  • CWE-918: Server-Side Request Forgery (SSRF) (CWE-918)

ADP Enrichment

CVE Program Container

Additional References

References