Forge (also called node-forge) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code does not check for tailing garbage bytes after decoding a DigestInfo ASN.1 structure. This can allow padding bytes to be removed and garbage data added to forge a signature when a low public exponent is being used. The issue has been addressed in node-forge version 1.3.0. There are currently no known workarounds.
Weakness
The product does not verify, or incorrectly verifies, the cryptographic signature for data.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Forge | Digitalbazaar | * | 1.3.0 (excluding) |
| OpenShift Service Mesh 2.1 | RedHat | openshift-service-mesh/kiali-rhel8:1.36.9-1 | * |
| Red Hat OpenShift Data Foundation 4.11 on RHEL8 | RedHat | odf4/mcg-core-rhel8:v4.11.0-30 | * |
| Red Hat OpenShift Data Foundation 4.11 on RHEL8 | RedHat | odf4/odf-console-rhel8:v4.11.0-51 | * |
| RHINT Service Registry 2.3.0 GA | RedHat | node-forge | * |
| RHPAM 7.13.1 async | RedHat | node-forge | * |
| Node-node-forge | Ubuntu | focal | * |
| Node-node-forge | Ubuntu | impish | * |
| Node-node-forge | Ubuntu | kinetic | * |
| Node-node-forge | Ubuntu | trusty | * |
| Node-node-forge | Ubuntu | xenial | * |
Related Attack Patterns
References
- https://github.com/digitalbazaar/forge/commit/3f0b49a0573ef1bb7af7f5673c0cfebf00424df1
- https://github.com/digitalbazaar/forge/commit/bb822c02df0b61211836472e29b9790cc541cdb2
- https://github.com/digitalbazaar/forge/security/advisories/GHSA-x4jg-mjrx-434g
- https://github.com/digitalbazaar/forge/commit/3f0b49a0573ef1bb7af7f5673c0cfebf00424df1
- https://github.com/digitalbazaar/forge/commit/bb822c02df0b61211836472e29b9790cc541cdb2
- https://github.com/digitalbazaar/forge/security/advisories/GHSA-x4jg-mjrx-434g