CVE-2018-8319

Name of the Vulnerable Software and Affected Versions MSR JavaScript Cryptography Library versions prior to 1.4.1

Description A Security Feature Bypass issue exists due to incorrect arithmetic computations. This affects the Elliptic Curve Cryptography (ECC) implementation, potentially leaking information about a server's private ECC key and allowing attackers to craft invalid ECDSA signatures that pass as valid.

Recommendations Upgrade to version 1.4.1 or later.