CVE-2018-8319
CRITICALMicrosoft Research JavaScript Cryptography Library - Info Disclosure
Title source: llmDescription
A Security Feature Bypass vulnerability exists in MSR JavaScript Cryptography Library that is caused by incorrect arithmetic computations, aka "MSR JavaScript Cryptography Library Security Feature Bypass Vulnerability." This affects Microsoft Research JavaScript Cryptography Library.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/104655
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1041268
Patch, Vendor Advisory x_refsource_confirm
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8319
Scores
CVSS v3
9.8
EPSS
0.0703
EPSS Percentile
93.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-682
Status
published
Products (2)
microsoft/research_javascript_cryptography_library
1.4
npm/msrcrypto
0 - 1.4.1npm
Published
Jul 11, 2018
Tracked Since
Feb 18, 2026