CVE-2018-3737
N/A
N/A
Summary
sshpk is vulnerable to ReDoS when parsing crafted invalid public keys.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| HackerOne | sshpk node module | Versions up to and including 1.13.1 | affected |
Weaknesses
- CWE-770: Allocation of Resources Without Limits or Throttling (CWE-770)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.