Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

node-forge

Ecosystem:
npm
Package URL:
pkg:npm/node-forge
Total PRs:
5,708 Dependabot PRs
Latest PR:
3 days ago
Unique Repositories:
4,645 repositories
Unique Repos (30 days):
28 repositories
Security Advisories
Forge has signature forgery in RSA-PKCS due to ASN.1 extra field
GHSA-ppp5-5v6c-4jwp CVE-2026-33894 HIGH published 3 months ago • updated 5 days ago
## Summary RSASSA PKCS#1 v1.5 signature verification accepts forged signatures for low public exponent keys (e=3). Attackers can forge signatures b...
Improper Verification of Cryptographic Signature in node-forge
GHSA-x4jg-mjrx-434g CVE-2022-24772 HIGH published over 4 years ago • updated 6 days ago
### Impact RSA PKCS#1 v1.5 signature verification code does not check for tailing garbage bytes after decoding a `DigestInfo` ASN.1 structure. Thi...
Improper Verification of Cryptographic Signature in node-forge
GHSA-cfm4-qjh2-4765 CVE-2022-24771 HIGH published over 4 years ago • updated 6 days ago
### Impact RSA PKCS#1 v1.5 signature verification code is lenient in checking the digest algorithm structure. This can allow a crafted structure t...
node-forge has an Interpretation Conflict vulnerability via its ASN.1 Validator Desynchronization
GHSA-5gfm-wpxj-wjgq CVE-2025-12816 HIGH published 7 months ago • updated about 9 hours ago
### Summary CVE-2025-12816 has been reserved by CERT/CC **Description** An Interpretation Conflict (CWE-436) vulnerability in node-forge versions...
node-forge has ASN.1 Unbounded Recursion
GHSA-554w-wpv2-vw27 CVE-2025-66031 HIGH published 7 months ago • updated 5 days ago
### Summary An Uncontrolled Recursion (CWE-674) vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to ...
View all 15 advisories
Recent PRs (filtered by: Patch PRs )
RSS Feed Clear filter
Bump node-forge from 1.3.1 to 1.3.2

temporalio/documentation #4026

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 3 comments
temporalio
Bump node-forge from 1.3.1 to 1.3.2 in /rtf_vis_tool

borglab/gtsfm #1006

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
borglab
build(deps-dev): bump node-forge from 1.3.1 to 1.3.2

caseconsulting/app-website #104

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 2 comments
caseconsulting
Bump node-forge from 1.3.1 to 1.3.2 in /swagger

tektoncd/hub #2661

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 2 comments
tektoncd
Bump node-forge from 1.3.1 to 1.3.2 in /appdev_with_generative_ai/src/knowledge-drive

GoogleCloudPlatform/gcp-getting-started-lab-jp #230

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
GoogleCloudPlatform
Bump node-forge from 1.3.1 to 1.3.2

jrquick17/ng-speed-test #111

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
jrquick17
Bump node-forge from 1.3.1 to 1.3.2

cpcwood/home-server #190

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
cpcwood
Bump node-forge from 1.3.1 to 1.3.2

Cactusman07/cinemaKing #47

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
Cactusman07
chore: bump node-forge from 1.3.1 to 1.3.2

dequelabs/cauldron #2179

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 2 comments
dequelabs
Bump node-forge from 1.3.1 to 1.3.2

issackj1/react-site #768

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 2 comments
issackj1
chore(deps): bump node-forge from 1.3.1 to 1.3.2 in /lib/openapi-viewer

SEKOIA-IO/documentation #2641

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 2 comments
SEKOIA-IO
build(deps): bump node-forge from 1.3.1 to 1.3.2 in /functions

biharygergo/card-estimator #286

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
biharygergo
Bump node-forge from 1.3.1 to 1.3.2

uppy19d0/Firebase-Crud #67

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
uppy19d0
Bump node-forge from 1.3.1 to 1.3.2

pensjonatus/dokumentacja-do-oprogramowania #60

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
pensjonatus
build(deps-dev): bump node-forge from 1.3.1 to 1.3.2

cilium/hubble-ui #1029

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
cilium
Bump node-forge from 1.3.1 to 1.3.2

kubeedge/website #739

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
kubeedge
Bump node-forge from 1.3.1 to 1.3.2 in /sdarq/frontend

broadinstitute/dsp-appsec-infrastructure-apps #631

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 2 comments
broadinstitute
Bump node-forge from 1.3.1 to 1.3.2

sannp/game_of_life #67

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
sannp
Bump node-forge from 1.3.1 to 1.3.2

weisensee/poorinter #53

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
weisensee
Bump node-forge from 1.3.1 to 1.3.2

inpercima/covid-19 #55

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
inpercima
Bump node-forge from 1.3.1 to 1.3.2 in /vue-front-end

trchopan/chatq-webapp #60

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
trchopan
Bump node-forge from 1.3.1 to 1.3.2

ita-social-projects/GreenCityClient #3917

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 2 comments
ita-social-projects
chore(deps): bump node-forge from 1.3.1 to 1.3.2 in /examples/cra-example

eduardoborges/use-mask-input #141

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
eduardoborges
Bump node-forge from 1.3.1 to 1.3.2

CarlosOrqueda/React-Typescript--Template--Task #19

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
CarlosOrqueda
Bump node-forge from 1.3.1 to 1.3.2

navikt/familie-ef-sak-frontend #3264

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
navikt
Bump node-forge from 1.3.1 to 1.3.2 in /client

guybendavid/whatsapp-clone #83

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
guybendavid
Bump node-forge from 1.3.1 to 1.3.2

Mridul2820/monsters-rolodex #15

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 2 comments
Mridul2820
Bump node-forge from 1.3.1 to 1.3.2 in /documentation

qdraw/starsky #2490

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
qdraw
Bump node-forge from 1.3.1 to 1.3.2 in /frontend

Henryk91/note #62

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
Henryk91
Bump node-forge from 1.3.1 to 1.3.2

amphineko/futa.moe #30

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
amphineko
Bump node-forge from 1.3.1 to 1.3.2

iFixit/jux #49

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
iFixit
Bump node-forge from 1.3.1 to 1.3.2

roroettg/ngx-blockly #124

1.3.1 → 1.3.2 Patch PR
Open 7 months ago 1 comment
roroettg
Bump node-forge from 1.3.1 to 1.3.2 in /client

jackcranston/websockets-quiz #4

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
jackcranston
Bump node-forge from 1.3.1 to 1.3.2

Annestezia/fcc-markdown-previewer #36

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
Annestezia
Bump node-forge from 1.3.1 to 1.3.2 in /client

traPtitech/anke-to #1417

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
traPtitech
Bump node-forge from 1.3.1 to 1.3.2

OpenConext/Stepup-AzureMFA #217

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 2 comments
OpenConext
Bump node-forge from 1.3.1 to 1.3.2 in /docs

nt0xa/sonar #215

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
nt0xa
Bump node-forge from 1.3.1 to 1.3.2

bleakley/dead-mans-hand #67

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
bleakley
Bump node-forge from 1.3.1 to 1.3.2

ashawkat/TVMaze-ShowList #16

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
ashawkat
Bump node-forge from 1.3.1 to 1.3.2 in /hackernews-frontend

tonimelisma/hackernews #66

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 2 comments
tonimelisma
build(deps-dev): bump node-forge from 1.3.1 to 1.3.2

VueDominicana/DominicanWhoCodes #176

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
VueDominicana
Bump node-forge from 1.3.1 to 1.3.2

abdul23lm/covid19-laravel-website #113

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
abdul23lm
Bump node-forge from 1.3.1 to 1.3.2

doraemonpup/react-resort #41

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
doraemonpup
build(deps): bump node-forge from 1.3.1 to 1.3.2

cbrenner04/groceries-client #620

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
cbrenner04
build(deps): bump node-forge from 1.3.1 to 1.3.2

saileshbro/crown-clothing #494

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 2 comments
saileshbro
Bump node-forge from 1.3.1 to 1.3.2 in /docs.openc3.com in the npm_and_yarn group across 1 directory

OpenC3/cosmos #2575

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 3 comments
OpenC3
chore(deps): bump node-forge from 1.3.1 to 1.3.2

saileshbro/tictactoe #149

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 2 comments
saileshbro
Bump node-forge from 1.3.1 to 1.3.2

twohoursonelife/twotech #119

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
twohoursonelife
Bump node-forge from 1.3.1 to 1.3.2 in /my-app

bnding/bnding.github.io #5

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
bnding
Bump node-forge from 1.3.1 to 1.3.2

gideongoddard/ravenous #22

1.3.1 → 1.3.2 Patch PR
Closed 7 months ago 1 comment
gideongoddard
Package Details
Name: node-forge
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/node-forge
JSON API: View JSON
Security Advisories

15

Active advisories
HIGH 9
MODERATE 3
LOW 3
View All npm Advisories
Package Information
Description:

JavaScript implementations of network transports, cryptography, ciphers, PKI, message digests, and various utilities.

Repository: https://github.com/digitalbazaar/forge
Homepage: https://github.com/digitalbazaar/forge
Latest Release: 1.3.1
about 4 years ago
Dependent Repos: 3,039,204
Dependent Packages: 2,329
Downloads: 99,242,131
Ranking: Top 0.0058% by dependent repos Top 0.0211% by downloads Top 0.0344% by dependent pkgs
PR Status
Open 2,967 (52.0%)
Merged 58 (1.0%)
Closed 2,658 (46.6%)
PR Types
Major 1,166 (20.4%)
Minor 1,538 (26.9%)
Patch 2,926 (51.3%)
Removal 43 (0.8%)