Description
The uppy npm package < 1.9.3 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external network or otherwise interact with internal systems.
Remediation
References
https://hackerone.com/reports/786956
Related Vulnerabilities
CVE-2020-7691 Vulnerability in maven package org.webjars.bower:jspdf
CVE-2022-4135 Vulnerability in npm package electron
CVE-2018-3785 Vulnerability in npm package git-dummy-commit
CVE-2022-26850 Vulnerability in maven package org.apache.nifi:nifi-single-user-utils
CVE-2021-46361 Vulnerability in maven package info.magnolia:magnolia-core