📦 Forge

An uncontrolled recursion vulnerability in node-forge versions 1.3.1 and below allows remote attackers to craft malicious ASN.1 structures that trigger unbounded recursive parsing, leading to denial-o...

An interpretation conflict vulnerability in node-forge versions 1.3.1 and earlier allows attackers to craft malicious ASN.1 structures that desynchronize schema validations, potentially bypassing cryp...

CVE-2022-24771 is a cryptographic vulnerability in node-forge that allows signature forgery when using RSA PKCS#1 v1.5 with low public exponents. Attackers can exploit lenient digest algorithm structu...