Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:npm/sshpk@1.13.1
purl pkg:npm/sshpk@1.13.1
Next non-vulnerable version 1.13.2
Latest non-vulnerable version 1.14.1
Risk 4.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-28g1-8vqv-1ugx
Aliases:
CVE-2018-3737
GHSA-2m39-62fm-q8r3
Incorrect Regular Expression sshpk is vulnerable to ReDoS when parsing maliciously crafted invalid public keys.
1.13.2
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T20:44:21.525035+00:00 GitLab Importer Affected by VCID-28g1-8vqv-1ugx https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/sshpk/CVE-2018-3737.yml 38.4.0
2026-04-16T01:22:20.507535+00:00 GHSA Importer Affected by VCID-28g1-8vqv-1ugx https://github.com/advisories/GHSA-2m39-62fm-q8r3 38.4.0
2026-04-11T21:55:08.045538+00:00 GitLab Importer Affected by VCID-28g1-8vqv-1ugx https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/sshpk/CVE-2018-3737.yml 38.3.0
2026-04-11T12:51:26.873666+00:00 GHSA Importer Affected by VCID-28g1-8vqv-1ugx https://github.com/advisories/GHSA-2m39-62fm-q8r3 38.3.0
2026-04-02T22:08:38.279876+00:00 GitLab Importer Affected by VCID-28g1-8vqv-1ugx https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/sshpk/CVE-2018-3737.yml 38.1.0
2026-04-02T13:44:44.916541+00:00 GHSA Importer Affected by VCID-28g1-8vqv-1ugx https://github.com/advisories/GHSA-2m39-62fm-q8r3 38.1.0
2026-04-01T12:47:45.076505+00:00 GitLab Importer Affected by VCID-28g1-8vqv-1ugx https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/sshpk/CVE-2018-3737.yml 38.0.0