CVE-2020-8205 - AskarLabs CVE Database

CVE-2020-8205

Vendor N/A

Product uppy

Weakness CWE-918 · SSRF

Published July 20, 2020

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

The uppy npm package < 1.13.2 and < 2.0.0-alpha.5 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external networks or otherwise interact with internal systems.

Key dates

02Disclosure timeline

July 20, 2020 CVE published

August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2020-8205

Related vulnerabilities

04Related CVE

CVE-2021-21287 Server-Side Request Forgery in MinIO Browser API CVE-2026-3961 zyddnys manga-image-translator Translate Endpoints request_extraction.py to_pil_image server-side request forgery CVE-2024-40625 GeoServer Coverage REST API Allows Server Side Request Forgery CVE-2026-27706 Plane Vulnerable to Full Read SSRF via Favicon Fetching in "Add Link" Feature CVE-2023-50714 The Oauth2 PKCE implementation is vulnerable