1 results (0.001 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2

sshpk is vulnerable to ReDoS when parsing crafted invalid public keys. sshpk es vulnerable a una denegación de servicio con expresiones regulares (ReDoS) cuando se parsean claves públicas manipuladas no válidas. • https://github.com/ossf-cve-benchmark/CVE-2018-3737 https://hackerone.com/reports/319593 https://access.redhat.com/security/cve/CVE-2018-3737 https://bugzilla.redhat.com/show_bug.cgi?id=1567228 • CWE-185: Incorrect Regular Expression CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •