node-forge@0.6.3 vulnerabilities

JavaScript implementations of network transports, cryptography, ciphers, PKI, message digests, and various utilities.

Direct Vulnerabilities

Known vulnerabilities in the node-forge package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Improper Verification of Cryptographic Signature

node-forge is a JavaScript implementations of network transports, cryptography, ciphers, PKI, message digests, and various utilities.

Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to RSA's PKCS#1 v1.5 signature verification code which does not properly check DigestInfo for a proper ASN.1 structure. This can lead to successful verification with signatures that contain invalid structures but a valid digest.

How to fix Improper Verification of Cryptographic Signature?

Upgrade node-forge to version 1.3.0 or higher.

<1.3.0
  • M
Improper Verification of Cryptographic Signature

node-forge is a JavaScript implementations of network transports, cryptography, ciphers, PKI, message digests, and various utilities.

Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to RSAs PKCS#1` v1.5 signature verification code which is lenient in checking the digest algorithm structure. This can allow a crafted structure that steals padding bytes and uses unchecked portion of the PKCS#1 encoded message to forge a signature when a low public exponent is being used.

How to fix Improper Verification of Cryptographic Signature?

Upgrade node-forge to version 1.3.0 or higher.

<1.3.0
  • H
Improper Verification of Cryptographic Signature

node-forge is a JavaScript implementations of network transports, cryptography, ciphers, PKI, message digests, and various utilities.

Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to RSA's PKCS#1 v1.5 signature verification code which does not check for tailing garbage bytes after decoding a DigestInfo ASN.1 structure. This can allow padding bytes to be removed and garbage data added to forge a signature when a low public exponent is being used.

How to fix Improper Verification of Cryptographic Signature?

Upgrade node-forge to version 1.3.0 or higher.

<1.3.0
  • M
Prototype Pollution

node-forge is a JavaScript implementations of network transports, cryptography, ciphers, PKI, message digests, and various utilities.

Affected versions of this package are vulnerable to Prototype Pollution via the forge.debug API if called with untrusted input.

How to fix Prototype Pollution?

Upgrade node-forge to version 1.0.0 or higher.

<1.0.0
  • M
Open Redirect

node-forge is a JavaScript implementations of network transports, cryptography, ciphers, PKI, message digests, and various utilities.

Affected versions of this package are vulnerable to Open Redirect via parseUrl function when it mishandles certain uses of backslash such as https:/\/\/\ and interprets the URI as a relative path.

PoC:


// poc.js
var forge = require("node-forge");
var url = forge.util.parseUrl("https:/\/\/\www.github.com/foo/bar");
console.log(url);

// Output of node poc.js:

{
  full: 'https://',
  scheme: 'https',
  host: '',
  port: 443,
  path: '/www.github.com/foo/bar',                        <<<---- path  should be "/foo/bar"
  fullHost: ''
}

How to fix Open Redirect?

Upgrade node-forge to version 1.0.0 or higher.

<1.0.0
  • H
Prototype Pollution

node-forge is a JavaScript implementations of network transports, cryptography, ciphers, PKI, message digests, and various utilities.

Affected versions of this package are vulnerable to Prototype Pollution via the util.setPath function.

Note: version 0.10.0 is a breaking change removing the vulnerable functions.

POC:

const nodeforge = require('node-forge');
var obj = {};
nodeforge.util.setPath(obj, ['__proto__', 'polluted'], true);
console.log(polluted);

How to fix Prototype Pollution?

Upgrade node-forge to version 0.10.0 or higher.

<0.10.0
  • M
Regular Expression Denial of Service (ReDoS)

node-forge is a native implementation of TLS (and various other cryptographic tools) in JavaScript.

Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) attacks. This can cause an impact of about 10 seconds matching time for data 3K characters long.

How to fix Regular Expression Denial of Service (ReDoS)?

Update node-forge to version 0.7.4 or higher.

<0.7.4
  • M
Timing Attack

node-forge is a JavaScript implementation of network transports, cryptography, ciphers, PKI, message digests, and various utilities. Affected versions of the package are vulnerable to a Timing Attack due to unsafe HMAC comparison. The HMAC algorithm produces a keyed message by pairing a hash function with a cryptographic key. Both the key and a message serve as input to this algorithm, while it outputs a fixed-length digest output which can be sent with the message. Anyone who knows the key can repeat the algorithm and compare their calculated HMAC with one they have received, to verify a message originated from someone with knowledge of the key and has not been tampered with.

The problem begins when trying to compare two HMACs. This is the part of code that handles the comparison:

if(byteArrayA.length != byteArrayB.length) { return false; }
for(int i = 0; i < byteArrayA.length; i++) {
  if(byteArrayA[i] != byteArrayB[i]) { return false; }
}
return true;

The issue is that the more bytes match in the two arrays, the more comparisons are formed and the longer it'll take to return a result. This may allow attackers to brute force their way into the servers.

How to fix Timing Attack?

Upgrade node-forge to version 0.6.33 or higher.

<0.6.33