Uppy npm Package < 1.9.3 SSRF Vulnerability: Unauthorized Network Scanning and System Interaction
CVE-2020-8135 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
The uppy npm package < 1.9.3 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external network or otherwise interact with internal systems.
Learn more about our Cis Benchmark Audit For Server Software.