WEB APPLICATION VULNERABILITIES SCA (Software Composition Analysis)

CVE-2018-8319 Vulnerability in npm package msrcrypto

Description

A Security Feature Bypass vulnerability exists in MSR JavaScript Cryptography Library that is caused by incorrect arithmetic computations, aka "MSR JavaScript Cryptography Library Security Feature Bypass Vulnerability." This affects Microsoft Research JavaScript Cryptography Library.

Remediation

References

http://www.securityfocus.com/bid/104655

http://www.securitytracker.com/id/1041268

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8319

Related Vulnerabilities

CVE-2021-32808 Vulnerability in maven package org.webjars.npm:ckeditor4

CVE-2022-36889 Vulnerability in maven package org.jenkins-ci.plugins:deployer-framework

CVE-2017-2606 Vulnerability in maven package org.jenkins-ci.main:jenkins-core

CVE-2020-8134 Vulnerability in npm package ghost

CVE-2018-8014 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core

Severity

Critical

Classification

CWE-682 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Third Party Advisory VDB Entry Patch Vendor Advisory