aikido.dev Secure My Code

Package Health/openpgp

openpgp

OpenPGP.js is a Javascript implementation of the OpenPGP protocol. This is defined in RFC 4880.

Latest 6.3.0

NPM

79%

Total Score

Maintainer Stability

43

Dependencies

100

Maturity

100

Supply Chain

100

Attestations

50

Are you affected? Scan for Free

Vulnerabilities

Title	Versions	Severity
CVE-2025-47934 openpgp is vulnerable to Improper Verification of Cryptographic Signature in versions 5.0.1 - 5.11.2 and 6.0.0-alpha.0 - 6.1.0.	5.0.1 - 5.11.26.0.0-alpha.0 - 6.1.0	High
CVE-2023-41037 openpgp is vulnerable to Improper Verification of Cryptographic Signature in versions 0.0.0 - 4.10.11 and 5.0.0 - 5.10.1.	0.0.0 - 4.10.115.0.0 - 5.10.1	Medium
CVE-2015-8013 openpgp is vulnerable to Security Vulnerability in versions 0.0.0 - 1.3.0.	0.0.0 - 1.3.0	High
CVE-2019-9155 openpgp is vulnerable to Use of a Broken or Risky Cryptographic Algorithm in versions 0.0.0 - 4.3.0.	0.0.0 - 4.3.0	Medium
CVE-2019-9154 openpgp is vulnerable to Improper Verification of Cryptographic Signature in versions 0.0.0 - 4.1.2.	0.0.0 - 4.1.2	High

Package versions

Maintainers

Direct Dependencies

No direct dependencies.

79%

Total Score

Maintainer Stability

43

Dependencies

100

Maturity

100

Supply Chain

100

Attestations

50

Are you affected? Scan for Free

Weekly Downloads

Info

Last Published: 5 months ago
Created: 12 years ago
Unpacked Size: 16.6 MB

Are You Affected?

Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.

Free. No credit card required.

Aikido Platform

Company

Resources

Industries

Use Cases

Compare

Legal

Connect

hello@aikido.dev

Security

Subscribe

Stay up to date with all updates

LinkedIn YouTube X

© 2026 Aikido Security BV | BE0792914919

Keizer Karelstraat 15, 9000, Ghent, Belgium

95 Third St, 2nd Fl, San Francisco, CA 94103, US

Unit 6.15 Runway East 18 18 Crucifix Ln, London SE1 3JW UK

Ghent, Belgium | San Francisco, US

SOC 2

ISO 27001

ISO 27001Compliant

Get Security Done