SPA-asp.net-api-vuejs-
SPA-asp.net-api-vuejs- copied to clipboard
Published
20 hours ago •
mubaidr
mubaidr
WS-2018-0084 High Severity Vulnerability detected by WhiteSource
WS-2018-0084 - High Severity Vulnerability
Vulnerable Library - sshpk-1.13.1.tgz
A library for finding and using SSH public keys
path: /tmp/git/SPA-asp.net-api-vuejs-/MBO/node_modules/sshpk/package.json
Library home page: https://registry.npmjs.org/sshpk/-/sshpk-1.13.1.tgz
Dependency Hierarchy:
- prerender-spa-plugin-2.1.0.tgz (Root Library)
- phantomjs-prebuilt-2.1.8.tgz
- request-2.74.0.tgz
- http-signature-1.1.1.tgz
- :x: sshpk-1.13.1.tgz (Vulnerable Library)
- http-signature-1.1.1.tgz
- request-2.74.0.tgz
- phantomjs-prebuilt-2.1.8.tgz
Vulnerability Details
Versions of sshpk before 1.14.1 are vulnerable to regular expression denial of service when parsing crafted invalid public keys.
Publish Date: 2018-04-25
URL: WS-2018-0084
CVSS 2 Score Details (8.0)
Base Score Metrics not available
Step up your Open Source Security Game with WhiteSource here
![mend-bolt-for-github[bot] avatar](https://avatars.githubusercontent.com/in/16809?v=4 "Published by a pub.dev verified publisher"){kind=small}