Node-forge Security Update Advisory (CVE-2025-12816)

Dec 02 2025

Overview

We have released a security update to address a vulnerability in node-forge. Users of affected products are advised to update to the latest version.

Affected Products

CVE-2025-12816

Node-forge version: below 1.3.2

Resolved Vulnerabilities

Validation Asynchronization Vulnerability in node-forge ASN.1 (CVE-2025-12816)

Vulnerability Patches

Vulnerability Patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2025-12816

Node-forge version: 1.3.2

References

[1] node-forge ASN.1 Validator Desynchronization
https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq

Node-forge Security Update Advisory (CVE-2025-12816)

SolarWinds Product Security Update Advisory

Advisory for a security update to the astral-tokio-tar library (CVE-2025-62518)

Tags:

SolarWinds Product Security Update Advisory

Advisory for a security update to the astral-tokio-tar library (CVE-2025-62518)