22 matches found
CLEANSTART-2026-DY37532 Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
Security vulnerability affects the cortex-fips package. Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability...
EUVD-2024-2098
Malicious code in bioql PyPI...
azure-identity: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/Azure/azure-sdk-for-go/sdk/azidentity
A flaw was found in Microsoft's Azure Identity Libraries and the Microsoft Authentication Library MSAL. The flaw arises from a race condition—a scenario where the timing of events leads to unexpected behavior—during concurrent operations on shared resources. This can result in privilege escalatio...
openSUSE Security Advisory (SUSE-SU-2024:3345-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux 2023 : amazon-cloudwatch-agent (ALAS2023-2024-708)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-708 advisory. Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability CVE-2024-35255 The OpenTelemetry Collector offers a vendor-agnostic implementation on how to...
Important: amazon-cloudwatch-agent
Issue Overview: Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability CVE-2024-35255 The OpenTelemetry Collector offers a vendor-agnostic implementation on how to receive, process and export telemetry data. An unsafe decompression vulnerability allows...
Security Bulletin: IBM App Connect Enterprise is vulnerable to a local authenticated attack and denial of service due to Microsoft Azure Identity Libraries and Microsoft Authentication Library and gRPC on Node.js (CVE-2024-35255, CVE-2024-37168)
Summary IBM App Connect Enterprise is vulnerable to a local authenticated attack and denial of service due to Microsoft Azure Identity Libraries and Microsoft Authentication Library and gRPC on Node.js. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details...
GO-2024-2941 ACME DNS: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/traefik/traefik
ACME DNS: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/traefik/traefik...
GHSA-RVJ4-Q8Q5-8GRF ACME DNS: Azure Identity Libraries Elevation of Privilege Vulnerability
Impact There is a vulnerability in Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability. References - CVE-2024-35255 Patches - https://github.com/traefik/traefik/releases/tag/v2.11.5 - https://github.com/traefik/traefik/releases/tag/v3.0.3 Workarounds...
GHSA-M5VV-6R4H-3VJ9 Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability...
AZL-42649 CVE-2024-35255 affecting package telegraf for versions less than 1.31.0-9
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability...
AZL-42789 CVE-2024-35255 affecting package azcopy for versions less than 10.25.1-1
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability...
AZL-43323 CVE-2024-35255 affecting package blobfuse2 for versions less than 2.3.2-1
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability...
AZL-42655 CVE-2024-35255 affecting package application-gateway-kubernetes-ingress for versions less than 1.7.7-1
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability...
AZL-42646 CVE-2024-35255 affecting package prometheus for versions less than 2.45.4-12
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability...
AZL-42637 CVE-2024-35255 affecting package keda for versions less than 2.14.1-1
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability...
CVE-2024-35255 Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
...
CVE-2024-35255
CVE-2024-35255 is an elevation-of-privilege vulnerability described as a race-condition issue in Azure Identity Libraries and Microsoft Authentication Library. IBM’s security bulletin for IBM Cloud Pak for AIOps lists CVE-2024-35255 with a base score of 5.5 (CVSS 3.0) and CWE-362, affecting IBM R...
KLA68916 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in Azure Storage Movement Client Library...
PT-2024-4302 · Microsoft +2 · Authentication Library +3
Name of the Vulnerable Software and Affected Versions: Azure Identity Libraries and Microsoft Authentication Library affected versions not specified Description: The vulnerability in Azure Identity Libraries and Microsoft Authentication Library is related to synchronization errors when using a...