Description

A Security Feature Bypass vulnerability exists in MSR JavaScript Cryptography Library that is caused by incorrect arithmetic computations, aka "MSR JavaScript Cryptography Library Security Feature Bypass Vulnerability." This affects Microsoft Research JavaScript Cryptography Library.

Remediation

References

http://www.securityfocus.com/bid/104655

http://www.securitytracker.com/id/1041268

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8319

Related Vulnerabilities

CVE-2014-3004 Vulnerability in maven package org.codehaus.castor:castor-xml

CVE-2017-16670 Vulnerability in maven package com.smartbear.soapui:soapui-project

CVE-2023-32262 Vulnerability in maven package org.jenkins-ci.plugins:dimensionsscm

CVE-2018-15685 Vulnerability in npm package electron

CVE-2023-31826 Vulnerability in maven package org.skyscreamer:nevado-jms

Severity

Critical

Classification

CWE-682 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Third Party Advisory VDB Entry Patch Vendor Advisory