sshpk is vulnerable to ReDoS when parsing crafted invalid public keys.
References
Link | Resource |
---|---|
https://hackerone.com/reports/319593 | Exploit Third Party Advisory |
Configurations
History
30 Jan 2023, 16:06
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:joyent:sshpk:*:*:*:*:*:node.js:*:* |
Information
Published : 2018-06-07 02:29
Updated : 2023-12-10 12:30
NVD link : CVE-2018-3737
Mitre link : CVE-2018-3737
CVE.ORG link : CVE-2018-3737
JSON object : View
Products Affected
joyent
- sshpk