Description
sshpk is vulnerable to ReDoS when parsing crafted invalid public keys.
Remediation
References
https://hackerone.com/reports/319593
Related Vulnerabilities
CVE-2020-10244 Vulnerability in maven package dev.paseto:jpaseto-sodium
CVE-2022-38545 Vulnerability in npm package valine
CVE-2023-43642 Vulnerability in maven package org.xerial.snappy:snappy-java
CVE-2022-21681 Vulnerability in npm package marked
CVE-2018-3721 Vulnerability in maven package org.webjars.bower:lodash