Soh3E

**Name of the Vulnerable Software and Affected Versions** Forge (also called `node-forge`) versions prior to 1.4.0 **Description** Forge, a native implementation of Transport Layer Security in JavaScript, contains an issue in Ed25519 signature verification. Specifically, the verification process does not properly check if S is greater than L, potentially leading to signature forgery. **Recommendations** Update to version 1.4.0 or later.