Server-Side Request Forgery (SSRF) vulnerability in uppy npm package < 1.13.2 and < 2.0.0-alpha.5

CVE-2020-8205 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

The uppy npm package < 1.13.2 and < 2.0.0-alpha.5 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external networks or otherwise interact with internal systems.

Learn more about our Cis Benchmark Audit For Server Software.