uppy's companion module is vulnerable to Server-Side Request Forgery (SSRF)
High severity
GitHub Reviewed
Published
Jan 6, 2022
to the GitHub Advisory Database
•
Updated Dec 22, 2025
Description
Published by the National Vulnerability Database
Jan 4, 2022
Reviewed
Jan 6, 2022
Published to the GitHub Advisory Database
Jan 6, 2022
Last updated
Dec 22, 2025
uppy's companion module is vulnerable to Server-Side Request Forgery (SSRF) via IPv4-mapped IPv6 addresses.
References