Description
sshpk is vulnerable to ReDoS when parsing crafted invalid public keys.
Remediation
References
https://hackerone.com/reports/319593
Related Vulnerabilities
CVE-2021-41183 Vulnerability in maven package org.webjars.bower:jquery-ui
CVE-2023-44487 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core
CVE-2022-0624 Vulnerability in maven package org.webjars.npm:parse-path
CVE-2020-28437 Vulnerability in npm package heroku-env
CVE-2022-38751 Vulnerability in maven package org.yaml:snakeyaml