Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

node-forge

Ecosystem:
npm
Package URL:
pkg:npm/node-forge
Total PRs:
5,705 Dependabot PRs
Latest PR:
1 day ago
Unique Repositories:
4,643 repositories
Unique Repos (30 days):
29 repositories
Security Advisories
Forge has signature forgery in RSA-PKCS due to ASN.1 extra field
GHSA-ppp5-5v6c-4jwp CVE-2026-33894 HIGH published 3 months ago • updated 4 days ago
## Summary RSASSA PKCS#1 v1.5 signature verification accepts forged signatures for low public exponent keys (e=3). Attackers can forge signatures b...
node-forge has an Interpretation Conflict vulnerability via its ASN.1 Validator Desynchronization
GHSA-5gfm-wpxj-wjgq CVE-2025-12816 HIGH published 7 months ago • updated 4 days ago
### Summary CVE-2025-12816 has been reserved by CERT/CC **Description** An Interpretation Conflict (CWE-436) vulnerability in node-forge versions...
Improper Verification of Cryptographic Signature in node-forge
GHSA-x4jg-mjrx-434g CVE-2022-24772 HIGH published over 4 years ago • updated 4 days ago
### Impact RSA PKCS#1 v1.5 signature verification code does not check for tailing garbage bytes after decoding a `DigestInfo` ASN.1 structure. Thi...
Improper Verification of Cryptographic Signature in node-forge
GHSA-cfm4-qjh2-4765 CVE-2022-24771 HIGH published over 4 years ago • updated 4 days ago
### Impact RSA PKCS#1 v1.5 signature verification code is lenient in checking the digest algorithm structure. This can allow a crafted structure t...
node-forge has ASN.1 Unbounded Recursion
GHSA-554w-wpv2-vw27 CVE-2025-66031 HIGH published 7 months ago • updated 4 days ago
### Summary An Uncontrolled Recursion (CWE-674) vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to ...
View all 15 advisories
Recent PRs (filtered by: Patch PRs )
RSS Feed Clear filter
Bump node-forge from 1.3.1 to 1.3.2

bluet/netlify-content-ops-starter #59

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 2 comments
bluet
chore(deps): bump node-forge from 1.3.1 to 1.3.2

Issadeen/ia25 #14

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
Issadeen
Bump node-forge from 1.3.1 to 1.3.2

kuto3/DURANDALL #22

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
kuto3
Bump node-forge from 1.3.1 to 1.3.2

bravesyntax/React-portfolio-web #5

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
bravesyntax
chore(deps): bump node-forge from 1.3.1 to 1.3.2 in /core

entrepeneur4lyf/continue #38

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
entrepeneur4lyf
Bump node-forge from 1.3.1 to 1.3.2

dhis2/tool-category-dimension-disabler #4

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 2 comments
dhis2
Bump node-forge from 1.3.1 to 1.3.2 in /gohighlevel-saas-backend/functions

fakebizprez/ai-agents-masterclass #22

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
fakebizprez
chore(deps): bump node-forge from 1.3.1 to 1.3.2 in /MoonPay/Moonpay - Trustless

Trustless-Work/Product #197

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
Trustless-Work
chore(deps): bump node-forge from 1.3.1 to 1.3.2 in /mobile/rn

lcaohoanq/shoppe #74

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 2 comments
lcaohoanq
chore(deps): bump node-forge from 1.3.1 to 1.3.2 in /docs

convergence-rfq/eliza #19

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 2 comments
convergence-rfq
Bump node-forge from 1.3.1 to 1.3.2

AplUSAndmINUS/beta-hive-story-submission #7

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
AplUSAndmINUS
chore(deps): bump node-forge from 1.3.1 to 1.3.2

michaelsynan/agency #7

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 2 comments
michaelsynan
Bump node-forge from 1.3.1 to 1.3.2

pheobeayo/greenearns-dao #14

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
pheobeayo
chore(deps-dev): bump node-forge from 1.3.1 to 1.3.2 in /figminha

Samuel-Ricardo/Figma_clone #65

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
Samuel-Ricardo
chore(deps): bump node-forge from 1.3.1 to 1.3.2

envoy1084/supermesh #2

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
envoy1084
chore(deps): bump node-forge from 1.3.1 to 1.3.2

Dargon789/safe-wallet-web #321

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 4 comments
Dargon789
Bump node-forge from 1.3.1 to 1.3.2

AMarcosCastelo/mvp #310

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
AMarcosCastelo
Bump node-forge from 1.3.1 to 1.3.2 in /local_lens_web

marXus-3D/GebetaMaps_Hackathon #11

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
marXus-3D
chore(deps): bump node-forge from 1.3.1 to 1.3.2

LuisAPI/sifrimail #37

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 2 comments
LuisAPI
chore(deps-dev): bump node-forge from 1.3.1 to 1.3.2 in /webapp

robfrank/linklift #444

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
robfrank
Bump node-forge from 1.3.1 to 1.3.2

apartmentlist/copilot-metrics-viewer #17

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
apartmentlist
Bump node-forge from 1.3.1 to 1.3.2

skbidisigma1/MoBank #11

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 2 comments
skbidisigma1
chore(deps-dev): bump node-forge from 1.3.1 to 1.3.2

lightspeedwp/super-cool-ad-inserter-plugin #6

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
lightspeedwp
Bump node-forge from 1.3.1 to 1.3.2

wisdom-oss/frontend #219

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 2 comments
wisdom-oss
Bump the npm_and_yarn group across 1 directory with 2 updates

marsender/directus-project #8

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
marsender
chore(deps): bump node-forge from 1.3.1 to 1.3.2 in /example-dimo-auth

DIMO-Network/login-with-dimo #94

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
DIMO-Network
build(deps): bump node-forge from 1.3.1 to 1.3.2 in /nuxt3-app

entrepeneur4lyf/Nuxt3-Laravel-Reverb-Chat #11

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
entrepeneur4lyf
Bump node-forge from 1.3.1 to 1.3.2

johnhelmuth/cluster-map #76

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 3 comments
johnhelmuth
Bump node-forge from 1.3.1 to 1.3.2

kanhaic/easyhr-website-nuxt #24

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
kanhaic
Bump node-forge from 1.3.1 to 1.3.2

shivanshusoni185/TextUtils #8

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
shivanshusoni185
Bump node-forge from 1.3.1 to 1.3.2

DSpace-Labs/dspace-angular-7x #17

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
DSpace-Labs
Bump node-forge from 1.3.1 to 1.3.2 in /spicehub-mobile

SpiceGears/spiceapps #23

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
SpiceGears
Bump node-forge from 1.3.1 to 1.3.2

PatrickElfert/immersion-player #16

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
PatrickElfert
Bump node-forge from 1.3.1 to 1.3.2 in the npm_and_yarn group across 1 directory

guibranco/gstraccini-bot-docs #105

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 2 comments
guibranco
Bump node-forge from 1.3.1 to 1.3.2

markhazleton/ReactSparkPortfolio #18

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 8 comments
markhazleton
build(deps): Bump node-forge from 1.3.1 to 1.3.2 in /apps/otel-react

nlamirault/opentelemetry-lab #53

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 2 comments
nlamirault
Bump node-forge from 1.3.1 to 1.3.2

bcarpe1/plannel-apps #20

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
bcarpe1
chore(deps): bump node-forge from 1.3.1 to 1.3.2

Drop-OSS/drop #295

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
Drop-OSS
Bump node-forge from 1.3.1 to 1.3.2

kerfaiyass54/blog-project #14

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 3 comments
kerfaiyass54
Bump node-forge from 1.3.1 to 1.3.2 in /Ui

TomasiDeveloping/PlayerManagement #21

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 2 comments
TomasiDeveloping
Bump node-forge from 1.3.1 to 1.3.2

Komsomol/pichouse-ssr #11

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
Komsomol
chore(deps): bump node-forge from 1.3.1 to 1.3.2

aws/aws-cdk-cli #965

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
aws
Bump node-forge from 1.3.1 to 1.3.2

Laplusdestiny/Laplusblog #60

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
Laplusdestiny
Bump node-forge from 1.3.1 to 1.3.2 in /weather

SwarnavaNayak/WeatherApp #18

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
SwarnavaNayak
Bump node-forge from 1.3.1 to 1.3.2

sirfreedom/RGrid #14

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
sirfreedom
Bump node-forge from 1.3.1 to 1.3.2

Subilan/Frame #21

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 2 comments
Subilan
Bump node-forge from 1.3.1 to 1.3.2

allancoding/bfoot-calc #16

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
allancoding
build(deps-dev): bump node-forge from 1.3.1 to 1.3.2

Bluewolf787/Startpage #35

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
Bluewolf787
build(deps): bump node-forge from 1.3.1 to 1.3.2

mralaminahamed/wp-dev-toolkit #8

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
mralaminahamed
chore(deps): bump node-forge from 1.3.1 to 1.3.2 in /wiki

cipher-fox/nestjs-cryptography #24

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
cipher-fox
Package Details
Name: node-forge
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/node-forge
JSON API: View JSON
Security Advisories

15

Active advisories
HIGH 9
MODERATE 3
LOW 3
View All npm Advisories
Package Information
Description:

JavaScript implementations of network transports, cryptography, ciphers, PKI, message digests, and various utilities.

Repository: https://github.com/digitalbazaar/forge
Homepage: https://github.com/digitalbazaar/forge
Latest Release: 1.3.1
about 4 years ago
Dependent Repos: 3,039,204
Dependent Packages: 2,329
Downloads: 99,242,131
Ranking: Top 0.0058% by dependent repos Top 0.0211% by downloads Top 0.0344% by dependent pkgs
PR Status
Open 2,966 (52.0%)
Merged 58 (1.0%)
Closed 2,657 (46.6%)
PR Types
Major 1,166 (20.4%)
Minor 1,537 (26.9%)
Patch 2,926 (51.3%)
Removal 42 (0.7%)