Description
sshpk is vulnerable to ReDoS when parsing crafted invalid public keys.
Remediation
References
https://hackerone.com/reports/319593
Related Vulnerabilities
CVE-2020-7703 Vulnerability in npm package nis-utils
CVE-2020-8136 Vulnerability in npm package fastify-multipart
CVE-2021-32643 Vulnerability in maven package org.http4s:http4s-core
CVE-2023-38889 Vulnerability in maven package org.alluxio:alluxio-parent
CVE-2021-27850 Vulnerability in maven package org.apache.tapestry:tapestry-core