Description
The uppy npm package < 1.9.3 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external network or otherwise interact with internal systems.
Remediation
References
https://hackerone.com/reports/786956
Related Vulnerabilities
CVE-2023-30524 Vulnerability in maven package org.jenkins-ci.plugins:reportportal
CVE-2022-31129 Vulnerability in maven package org.webjars.bower:moment
CVE-2023-41886 Vulnerability in maven package org.openrefine:database
CVE-2020-14967 Vulnerability in maven package org.webjars.bower:jsrsasign
CVE-2021-21290 Vulnerability in maven package io.netty:netty-codec-http