node-forge improperly verifies cryptographic signatures. The vulnerability exists through improper verification of DigestInfo in the rsa.js
file allowing to validate the signature in an invalid structure which allows an attacker to perform unwanted actions.