0.003 Low
EPSS
Percentile
71.3%
A buffer overflow is present in canvas versions before 1.6.11, which could lead to a Denial of Service or execution of arbitrary code when it processes a user-provided image.
github.com/Automattic/node-canvas/commit/c3e4ccb1c404da01e83fe5eb3626bf55f7f55957
hackerone.com/reports/315037
nvd.nist.gov/vuln/detail/CVE-2020-8215
www.npmjs.com/package/canvas