@@ -11,7 +11,7 @@ Forge ChangeLog
1111 divergence that may bypass downstream cryptographic verifications and
1212 security decisions.
1313- Reported by Hunter Wodzenski.
14- - CVE ID:[ CVE-2025 -12816] ( https://cve.mitre. org/cgi-bin/cvename.cgi?name =CVE-2025-12816 )
14+ - CVE ID:[ CVE-2025 -12816] ( https://www. cve.org/CVERecord?id =CVE-2025-12816 )
1515- GHSA ID:[ GHSA-5gfm -wpxj-wjgq] ( https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq )
1616- ** HIGH** : ASN.1 Unbounded Recursion
1717- An Uncontrolled Recursion (CWE-674) vulnerability in node-forge versions
@@ -20,6 +20,7 @@ Forge ChangeLog
2020 Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER
2121 inputs.
2222- Reported by Hunter Wodzenski.
23+ - CVE ID:[ CVE-2025 -66031] ( https://www.cve.org/CVERecord?id=CVE-2025-66031 )
2324- GHSA ID:[ GHSA-554w -wpv2-vw27] ( https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27 )
2425- ** MODERATE** : ASN.1 OID Integer Truncation
2526- An Integer Overflow (CWE-190) vulnerability in node-forge versions 1.3.1
@@ -28,6 +29,7 @@ Forge ChangeLog
2829 as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the
2930 bypass of downstream OID-based security decisions.
3031- Reported by Hunter Wodzenski.
32+ - CVE ID:[ CVE-2025 -66030] ( https://www.cve.org/CVERecord?id=CVE-2025-66030 )
3133- GHSA ID:[ GHSA-65ch -62r8-g69g] ( https://github.com/digitalbazaar/forge/security/advisories/GHSA-65ch-62r8-g69g )
3234
3335###Fixed