Package impact
npm / openpgp
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-8013 | high | 7.5 | 7.5 | 9y ago | OpenPGP 1.2.0 and earlier decrypts arbitrary messages | |||
| CVE-2025-47934 | unknown | — | — | 1y ago | OpenPGP.js's message signature verification can be spoofed | |||
| CVE-2023-41037 | unknown | — | — | 3y ago | Cleartext Signed Message Signature Spoofing in openpgp | |||
| CVE-2019-9155 | unknown | — | — | 7y ago | Invalid Curve Attack in openpgp | |||
| CVE-2019-9153 | unknown | — | — | 7y ago | Message Signature Bypass in openpgp | |||
| CVE-2019-9154 | unknown | — | — | 7y ago | Improper Key Verification in openpgp |