Description

A Security Feature Bypass vulnerability exists in MSR JavaScript Cryptography Library that is caused by incorrect arithmetic computations, aka "MSR JavaScript Cryptography Library Security Feature Bypass Vulnerability." This affects Microsoft Research JavaScript Cryptography Library.

Remediation

References

http://www.securityfocus.com/bid/104655

http://www.securitytracker.com/id/1041268

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8319

Related Vulnerabilities

CVE-2022-42466 Vulnerability in maven package org.apache.isis.commons:isis-commons

CVE-2016-10540 Vulnerability in maven package org.webjars.bower:minimatch

CVE-2022-21186 Vulnerability in npm package @acrontum/filesystem-template

CVE-2014-3120 Vulnerability in maven package org.elasticsearch:elasticsearch

CVE-2019-10350 Vulnerability in maven package org.jenkins-ci.plugins:port-allocator

Severity

Critical

Classification

CWE-682 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Third Party Advisory VDB Entry Patch Vendor Advisory