pkg:npm/openpgp

All known vulnerabilities

• HIGH7.5CVE-2015-8013OpenPGP 1.2.0 and earlier decrypts arbitrary messages
  from 0, < 1.3.0
• HIGH7.5CVE-2019-9153Message Signature Bypass in openpgp
  from 0, < 4.2.0
• HIGH7.5CVE-2019-9154Improper Key Verification in openpgp
  from 0, < 4.2.0
• MEDIUM5.9Invalid Curve Attack in openpgp
  from 0, < 4.3.0
• MEDIUM4.3Cleartext Signed Message Signature Spoofing in openpgp
  from 0, < 4.10.11
• —OpenPGP.js's message signature verification can be spoofed
  >= 5.0.1, < 5.11.3