Program Removed
This program is no longer available on YesWeHack. The scope data shown below is historical and may not reflect the final state of the program.
openpgp-js-bug-bounty-program
6
In Scope
3
Out of Scope
In-Scope Assets (6)
| Asset | Category | Bounty | Quick Links | |
|---|---|---|---|---|
| interoperability issue in openpgp.js | OTHER | Yes | - | |
| interoperability issue in openpgp.js | OPEN-SOURCE | Yes | - | |
| security vulnerability in openpgp.js's high-level api | OPEN-SOURCE | Yes | - | |
| security vulnerability in openpgp.js's high-level api | OTHER | Yes | - | |
| security vulnerability in the openpgp standard | OTHER | Yes | - | |
| security vulnerability in the openpgp standard | OPEN-SOURCE | Yes | - |
Out-of-Scope Assets (3)
| Asset | Category | Bounty | |
|---|---|---|---|
| interoperability issues that are caused by other openpgp implementations' non-compliance with the openpgp standard | OTHER | Yes | |
| security vulnerabilities in the openpgp standard that are not possible to fix or work around in openpgp.js (without causing interoperability issues) | OTHER | Yes | |
| security vulnerabilities that can only be caused by using openpgp.js's low-level api, or by using openpgp.js's high-level api in an incorrect or unintended way | OTHER | Yes |
Scope Changes (22)
Apr 1, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Program Removed | — | — | — | 10:21 |
Feb 25, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | interoperability issue in openpgp.js | OTHER | In Scope | 19:09 |
| Added | security vulnerabilities that can only be caused by using openpgp.js's low-level api, or by using openpgp.js's high-level api in an incorrect or unintended way | OTHER | Out of Scope | 19:09 |
| Added | security vulnerabilities in the openpgp standard that are not possible to fix or work around in openpgp.js (without causing interoperability issues) | OTHER | Out of Scope | 19:09 |
| Added | interoperability issues that are caused by other openpgp implementations' non-compliance with the openpgp standard | OTHER | Out of Scope | 19:09 |
| Added | security vulnerability in openpgp.js's high-level api | OTHER | In Scope | 19:09 |
| Added | security vulnerability in the openpgp standard | OTHER | In Scope | 19:09 |
Feb 22, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | security vulnerability in the openpgp standard | OPEN-SOURCE | In Scope | 00:52 |
| Added | security vulnerabilities in the openpgp standard that are not possible to fix or work around in openpgp.js (without causing interoperability issues) | OTHER | Out of Scope | 00:52 |
| Added | interoperability issues that are caused by other openpgp implementations' non-compliance with the openpgp standard | OTHER | Out of Scope | 00:52 |
| Added | security vulnerability in openpgp.js's high-level api | OPEN-SOURCE | In Scope | 00:52 |
| Added | interoperability issue in openpgp.js | OPEN-SOURCE | In Scope | 00:52 |
| Added | security vulnerabilities that can only be caused by using openpgp.js's low-level api, or by using openpgp.js's high-level api in an incorrect or unintended way | OTHER | Out of Scope | 00:52 |
Feb 21, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Removed | security vulnerability in openpgp.js's high-level api | OPEN-SOURCE | In Scope | 21:40 |
| Removed | security vulnerability in the openpgp standard | OPEN-SOURCE | In Scope | 21:40 |
| Removed | interoperability issue in openpgp.js | OPEN-SOURCE | In Scope | 21:40 |
| Removed | security vulnerabilities that can only be caused by using openpgp.js's low-level api, or by using openpgp.js's high-level api in an incorrect or unintended way | OTHER | Out of Scope | 21:40 |
| Removed | security vulnerabilities in the openpgp standard that are not possible to fix or work around in openpgp.js (without causing interoperability issues) | OTHER | Out of Scope | 21:40 |
| Removed | interoperability issues that are caused by other openpgp implementations' non-compliance with the openpgp standard | OTHER | Out of Scope | 21:40 |
| Added | security vulnerabilities in the openpgp standard that are not possible to fix or work around in openpgp.js (without causing interoperability issues) | OTHER | Out of Scope | 00:33 |
| Added | interoperability issues that are caused by other openpgp implementations' non-compliance with the openpgp standard | OTHER | Out of Scope | 00:33 |
| Added | security vulnerabilities that can only be caused by using openpgp.js's low-level api, or by using openpgp.js's high-level api in an incorrect or unintended way | OTHER | Out of Scope | 00:33 |