fix: update node-forge to 1.4.0 to patch security vulnerabilities #46

Merged

privilegedescalation-engineer[bot] merged 1 commits from hugh/fix-node-forge-vulnerability into main

2026-04-15 00:14:40 +00:00

Author	SHA1	Message	Date
Pawla Abdul	9250e88df6	fix: update node-forge to 1.4.0 to patch security vulnerabilities Resolves 4 high-severity vulnerabilities in node-forge: - GHSA-2328-f5f3-gj25: basicConstraints bypass - GHSA-q67f-28xg-22rw: signature forgery Ed25519 - GHSA-5m6q-g25r-mvwx: Denial of Service via Infinite Loop - GHSA-ppp5-5v6c-4jwp: signature forgery RSA-PKCS Fixes PRI-21	2026-04-11 17:10:06 +00:00

Author

SHA1

Message

Date

Pawla Abdul

9250e88df6

fix: update node-forge to 1.4.0 to patch security vulnerabilities

Resolves 4 high-severity vulnerabilities in node-forge:
- GHSA-2328-f5f3-gj25: basicConstraints bypass
- GHSA-q67f-28xg-22rw: signature forgery Ed25519
- GHSA-5m6q-g25r-mvwx: Denial of Service via Infinite Loop
- GHSA-ppp5-5v6c-4jwp: signature forgery RSA-PKCS

Fixes PRI-21

2026-04-11 17:10:06 +00:00

fix: update node-forge to 1.4.0 to patch security vulnerabilities #46

1 Commits