Package Health

openpgp

OpenPGP.js is a Javascript implementation of the OpenPGP protocol. This is defined in RFC 4880.

Latest 6.3.1NPMNPM

93%

Total Score

Maintainer Stability
Maintainer Stability
Assesses the consistency and reliability of package maintainers

96

Dependencies
Dependencies
Evaluates the health and security of package dependencies

100

Maturity
Maturity
Indicates package age, release frequency, and adoption metrics

89

Supply Chain
Supply Chain
Evaluates supply chain security practices and risks

100

Attestations
Attestations
Measures the presence and validity of package attestations and signatures

0

Are you affected? Scan for Free

Vulnerabilities

TitleVersionsSeverity
AIKIDO-2026-165900 Pre-CVE
Found by Aikido Intel before public disclosure or CVE publication.
New
openpgp is vulnerable to Uncontrolled Resource Consumption in versions 6.0.0 - 6.3.0.
6.0.0 - 6.3.0
Medium
CVE-2025-47934
openpgp is vulnerable to Improper Verification of Cryptographic Signature in versions 5.0.1 - 5.11.2 and 6.0.0-alpha.0 - 6.1.0.
5.0.1 - 5.11.26.0.0-alpha.0 - 6.1.0
High
CVE-2023-41037
openpgp is vulnerable to Improper Verification of Cryptographic Signature in versions 0.0.0 - 4.10.11 and 5.0.0 - 5.10.1.
0.0.0 - 4.10.115.0.0 - 5.10.1
Medium
CVE-2015-8013
openpgp is vulnerable to Security Vulnerability in versions 0.0.0 - 1.3.0.
0.0.0 - 1.3.0
High
CVE-2019-9155
openpgp is vulnerable to Use of a Broken or Risky Cryptographic Algorithm in versions 0.0.0 - 4.3.0.
0.0.0 - 4.3.0
Medium

Package versions

Direct Dependencies

No direct dependencies.

Weekly Downloads

Info

Last Published
1 month ago
Created
12 years ago
Unpacked Size
16.6 MB