Microsoft · Msr Javascript Cryptography Library · CVE-2018-8319
**Name of the Vulnerable Software and Affected Versions**
MSR JavaScript Cryptography Library versions prior to 1.4.1
**Description**
A Security Feature Bypass issue exists due to incorrect arithmetic computations. This affects the Elliptic Curve Cryptography (ECC) implementation, potentially leaking information about a server's private ECC key and allowing attackers to craft invalid ECDSA signatures that pass as valid.
**Recommendations**
Upgrade to version 1.4.1 or later.