Digitalbazaar Forge
9 CVEs affecting Digitalbazaar Forge. Latest disclosed: 2026-03-27. Critical: 0, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-33895 | High | 7.5 | 2026-03-27 | Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, Ed25519 signature verification a… |
CVE-2026-33894 | High | 7.5 | 2026-03-27 | Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, RSASSA PKCS#1 v1.5 signature ver… |
CVE-2026-33891 | High | 7.5 | 2026-03-27 | Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, a Denial of Service (DoS) vulner… |
CVE-2022-24772 | High | 7.5 | 2022-03-18 | Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verifi… |
CVE-2022-24771 | High | 7.5 | 2022-03-18 | Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verifi… |
CVE-2026-33896 | High | 7.4 | 2026-03-27 | Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, `pki.verifyCertificateChain()` d… |
CVE-2022-24773 | Medium | 5.3 | 2022-03-18 | Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verifi… |
CVE-2025-66030 | | 2025-11-26 | Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions… | |
CVE-2025-66031 | | 2025-11-26 | Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge ve… |