CVE-2022-24772: 
JavaScript vulnerability analysis and mitigation

Forge (also called node-forge), a native implementation of Transport Layer Security in JavaScript, was found to have a signature verification vulnerability (CVE-2022-24772) prior to version 1.3.0. The RSA PKCS#1 v1.5 signature verification code did not check for tailing garbage bytes after decoding a DigestInfo ASN.1 structure, which could allow padding bytes to be removed and garbage data added to forge a signature when a low public exponent is being used (GitHub Advisory).

The vulnerability has a CVSS v3.1 base score of 7.5 (HIGH) with vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N. The issue stems from improper verification of cryptographic signatures (CWE-347). The vulnerability specifically relates to the signature verification code's failure to validate the complete structure of parsed ASN.1 DigestInfo data, allowing for potential signature forgery through manipulation of padding bytes and garbage data (GitHub Advisory).

The vulnerability could allow an attacker to forge signatures when a low public exponent is being used. This impacts the integrity of the cryptographic verification process, potentially allowing unauthorized modifications to be accepted as valid. The CVSS scoring indicates high impact on integrity while maintaining no impact on confidentiality or availability (GitHub Advisory).

The vulnerability has been fixed in node-forge version 1.3.0. The fix includes making asn1.fromDer more strict by ensuring all input bytes are parsed, adding proper validation for ASN.1 RSASSA-PKCS-v1_5 DigestInfo data structure, and implementing checks for hash algorithm identifiers. Users should upgrade to version 1.3.0 or later (GitHub Advisory).