OsVault/npm/canvas
npm

canvas

33 known vulnerabilities · 0 critical · 1 high

CVE-2020-8215HIGH

Buffer overflow in canvas

Published May 7, 2021
MAL-2023-152

Malicious code in caas-canvas (npm)

Published Mar 31, 2023
GHSA-9gvx-vj57-vqqx

Duplicate Advisory: OpenClaw: Gateway Canvas local-direct requests bypass Canvas HTTP and WebSocket authentication

Published Apr 10, 2026
MAL-2023-158

Malicious code in canvas-text-colorizer (npm)

Published Jun 6, 2023
GHSA-cjv3-m589-v3rx

OpenClaw has Canvas route hardening for mixed-trust deployments

Published Mar 3, 2026
MAL-2024-10898

Malicious code in canvaskit-local (npm)

Published Nov 24, 2024
GHSA-vvjh-f6p9-5vcf

OpenClaw Canvas Authentication Bypass Vulnerability

Published Mar 4, 2026
MAL-2026-1040

Malicious code in react-markdown-canvas (npm)

Published Feb 23, 2026
MAL-2022-6186

Malicious code in snapcanvas-sdk (npm)

Published Jun 20, 2022
MAL-2025-3620

Malicious code in flashcanvas (npm)

Published May 6, 2025
MAL-2022-2480

Malicious code in discord-canvases (npm)

Published Sep 21, 2022
GHSA-jq4x-98m3-ggq6

OpenClaw Canvas Path Traversal Information Disclosure Vulnerability

Published Mar 2, 2026
MAL-2023-833

Malicious code in td-service-canvas (npm)

Published Mar 31, 2023
MAL-2026-3189

Malicious code in react-video-canvas (npm)

Published Apr 29, 2026
MAL-2024-71

Malicious code in cordova-plugin-canvas (npm)

Published Jan 11, 2024
MAL-2026-2524

Malicious code in a2a-chat-canvas (npm)

Published Apr 6, 2026
MAL-2023-8479

Malicious code in rb-seatlayout-canvas (npm)

Published Nov 7, 2023
GHSA-6mqc-jqh6-x8fc

OpenClaw: Gateway Canvas local-direct requests bypass Canvas HTTP and WebSocket authentication

Published Mar 26, 2026
MAL-2025-5490

Malicious code in canvas-chache-kit (npm)

Published Jun 30, 2025
MAL-2025-4641

Malicious code in canvas-helper-kit (npm)

Published Jun 4, 2025
MAL-2026-3911

Malicious code in @antv/g-canvas (npm)

Published May 19, 2026
MAL-2026-3935

Malicious code in @antv/g-plugin-canvas-path-generator (npm)

Published May 19, 2026
MAL-2026-3936

Malicious code in @antv/g-plugin-canvas-picker (npm)

Published May 19, 2026
MAL-2026-3959

Malicious code in @antv/g-plugin-zdog-canvas-renderer (npm)

Published May 19, 2026
MAL-2026-3951

Malicious code in @antv/g-plugin-rough-canvas-renderer (npm)

Published May 19, 2026
MAL-2026-3891

Malicious code in @antv/f2-canvas (npm)

Published May 19, 2026
MAL-2026-3925

Malicious code in @antv/g-mobile-canvas (npm)

Published May 19, 2026
MAL-2026-3926

Malicious code in @antv/g-mobile-canvas-element (npm)

Published May 19, 2026
MAL-2026-3937

Malicious code in @antv/g-plugin-canvas-renderer (npm)

Published May 19, 2026
MAL-2026-3938

Malicious code in @antv/g-plugin-canvaskit-renderer (npm)

Published May 19, 2026
MAL-2026-3912

Malicious code in @antv/g-canvaskit (npm)

Published May 19, 2026
MAL-2026-4131

Malicious code in canvas-nest.js (npm)

Published May 19, 2026
MAL-2026-4136

Malicious code in jest-canvas-mock (npm)

Published May 19, 2026
Check your entire dependency tree at onceRun dependency scan →