pkg:npm/openpgp

All known vulnerabilities

• HIGH7.5CVE-2015-8013OpenPGP 1.2.0 and earlier decrypts arbitrary messages
  from 0, < 1.3.0
• HIGH7.5CVE-2019-9153Message Signature Bypass in openpgp
  from 0, < 4.2.0
• HIGH7.5CVE-2019-9154Improper Key Verification in openpgp
  from 0, < 4.2.0
• MEDIUM5.9CVE-2019-9155Invalid Curve Attack in openpgp
  from 0, < 4.3.0
• MEDIUM4.3CVE-2023-41037Cleartext Signed Message Signature Spoofing in openpgp
  from 0, < 4.10.11
• —CVE-2025-47934OpenPGP.js's message signature verification can be spoofed
  >= 5.0.1, < 5.11.3