Filtered by vendor Transloadit
Subscribe
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-0528 | 1 Transloadit | 1 Uppy | 2022-03-09 | 5.0 MEDIUM | 7.5 HIGH |
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository transloadit/uppy prior to 3.3.1. | |||||
CVE-2022-0086 | 1 Transloadit | 1 Uppy | 2022-01-07 | 7.5 HIGH | 9.8 CRITICAL |
uppy is vulnerable to Server-Side Request Forgery (SSRF) | |||||
CVE-2021-44150 | 1 Transloadit | 1 Tusdotnet | 2021-11-26 | 4.3 MEDIUM | 7.5 HIGH |
The client in tusdotnet through 2.5.0 relies on SHA-1 to prevent spoofing of file content. | |||||
CVE-2020-8205 | 1 Transloadit | 1 Uppy | 2020-07-23 | 5.0 MEDIUM | 7.5 HIGH |
The uppy npm package < 1.13.2 and < 2.0.0-alpha.5 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external networks or otherwise interact with internal systems. |