Ninety-nine Pitchers of Malt

    npm

    Sign UpSign In
    Severity: moderate

    Denial of Service

    canvas

    Overview

    Versions of canvas prior to 1.6.10 are vulnerable to Denial of Service. Processing malicious JPEGs or GIFs could crash the node process.

    Remediation

    Upgrade to version 1.6.10

    Resources

    Have content suggestions? Visit npmjs.com/support.

    Advisory timeline

    1. published

      Advisory Published
      Apr 4th, 2019

    2. reported

      Reported by Erlend Oftedal
      Apr 4th, 2019