CVE-2022-24771: 
JavaScript vulnerability analysis and mitigation

Forge (also called node-forge), a native implementation of Transport Layer Security in JavaScript, was found to have a vulnerability in versions prior to 1.3.0. The vulnerability (CVE-2022-24771) involves lenient checking of the digest algorithm structure in RSA PKCS#1 v1.5 signature verification code. This vulnerability was discovered and reported by Moosa Yahyazadeh from the University of Iowa (GitHub Advisory).

The vulnerability stems from the RSA PKCS#1 v1.5 signature verification code being too permissive when checking the digest algorithm structure. This leniency allows an attacker to craft a structure that can steal padding bytes and utilize the unchecked portion of the PKCS#1 encoded message to forge a signature, particularly when a low public exponent is being used. The vulnerability has a CVSS v3.1 base score of 7.5 (HIGH) with a vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N, indicating network accessibility with low attack complexity and no required privileges or user interaction (NVD).

The vulnerability can lead to signature forgery, allowing attackers to bypass signature verification mechanisms. This primarily affects the integrity of signed data, as indicated by the CVSS metrics showing high impact on integrity but no impact on confidentiality or availability (GitHub Advisory).

The vulnerability has been fixed in node-forge version 1.3.0. The fix includes making the ASN.1 fromDer function more strict by default, ensuring all input bytes are parsed, and implementing proper validation of the DigestInfo structure and algorithm identifiers. Users should upgrade to version 1.3.0 or later as there are no known workarounds (GitHub Advisory).