CVE-2018-8319

Опубликовано: 11 июл. 2018

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

A Security Feature Bypass vulnerability exists in MSR JavaScript Cryptography Library that is caused by incorrect arithmetic computations, aka "MSR JavaScript Cryptography Library Security Feature Bypass Vulnerability." This affects Microsoft Research JavaScript Cryptography Library.

Ссылки

http://www.securityfocus.com/bid/104655
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041268
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8319
Patch
Vendor Advisory
http://www.securityfocus.com/bid/104655
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041268
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8319
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:microsoft:research_javascript_cryptography_library:1.4:*:*:*:*:*:*:*

EPSS

Процентиль: 91%

0.07396

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-682

Связанные уязвимости

CVE-2018-8319

msrc

около 7 лет назад

MSR JavaScript Cryptography Library Security Feature Bypass Vulnerability

GHSA-qg3g-2mgh-33j8