Описание
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2024-35255
- https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/4806#issuecomment-2178960340
- https://github.com/Azure/azure-sdk-for-go/commit/50774cd9709905523136fb05e8c85a50e8984499
- https://github.com/Azure/azure-sdk-for-java/commit/5bf020d6ea056de40e2738e3647a4e06f902c18d
- https://github.com/Azure/azure-sdk-for-js/commit/c6aa75d312ae463e744163cedfd8fc480cc8d492
- https://github.com/Azure/azure-sdk-for-net/commit/9279a4f38bf69b457cfb9b354f210e0a540a5c53
- https://github.com/Azure/azure-sdk-for-python/commit/cb065acd7d0f957327dc4f02d1646d4e51a94178
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35255
Пакеты
azure-identity
< 1.16.1
1.16.1
@azure/identity
< 4.2.1
4.2.1
com.azure:azure-identity
< 1.12.2
1.12.2
@azure/msal-node
>= 2.7.0, < 2.9.2
2.9.2
Microsoft.Identity.Client
>= 4.49.1, < 4.60.4
4.60.4
github.com/Azure/azure-sdk-for-go/sdk/azidentity
< 1.6.0-beta.4.0.20240610221955-50774cd97099
1.6.0-beta.4.0.20240610221955-50774cd97099
com.microsoft.azure:msal4j
>= 1.14.4-beta, < 1.15.1
1.15.1
Azure.Identity
< 1.11.4
1.11.4
Microsoft.Identity.Client
>= 4.61.0, < 4.61.3
4.61.3
Связанные уязвимости
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
