OpenPGP.js is a Javascript implementation of the OpenPGP protocol. This is defined in RFC 4880.
93%
Total Score
96
100
89
100
0
| Title | Versions | Severity |
|---|---|---|
AIKIDO-2026-165900 Pre-CVE Found by Aikido Intel before public disclosure or CVE publication. openpgp is vulnerable to Uncontrolled Resource Consumption in versions 6.0.0 - 6.3.0. | 6.0.0 - 6.3.0 | Medium |
CVE-2025-47934 openpgp is vulnerable to Improper Verification of Cryptographic Signature in versions 5.0.1 - 5.11.2 and 6.0.0-alpha.0 - 6.1.0. | 5.0.1 - 5.11.26.0.0-alpha.0 - 6.1.0 | High |
CVE-2023-41037 openpgp is vulnerable to Improper Verification of Cryptographic Signature in versions 0.0.0 - 4.10.11 and 5.0.0 - 5.10.1. | 0.0.0 - 4.10.115.0.0 - 5.10.1 | Medium |
CVE-2015-8013 openpgp is vulnerable to Security Vulnerability in versions 0.0.0 - 1.3.0. | 0.0.0 - 1.3.0 | High |
CVE-2019-9155 openpgp is vulnerable to Use of a Broken or Risky Cryptographic Algorithm in versions 0.0.0 - 4.3.0. | 0.0.0 - 4.3.0 | Medium |
No direct dependencies.
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

SOC 2Compliant
ISO 27001Compliant