Linux Distros Unpatched Vulnerability : CVE-2025-66030

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Forge also called node-forge is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3....

CVE-2025-66030

Forge also called node-forge is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be...

Integer Overflow or Wraparound

Overview node-forge is a JavaScript implementations of network transports, cryptography, ciphers, PKI, message digests, and various utilities. Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the derToOid function in the asn1.js file, which decodes ASN.1...

PT-2025-48201

Name of the Vulnerable Software and Affected Versions node-forge versions 1.3.1 and below Description An Integer Overflow issue exists in node-forge, a native implementation of Transport Layer Security in JavaScript. The flaw resides in the parsing of ASN.1 structures containing OIDs with oversiz...