4 matches found
Microsoft Azure Promptflow Python Library promptflow-tools < 1.6.0 RCE
The detected version of Microsoft Azure Promptflow python package, promptflow-tools, is prior to version 1.6.0. It is, therefore, affected by a remote code execution vulnerability. An unauthenticated, remote attacker can exploit this to bypass authentication and execute unauthorized arbitrary...
Improper Isolation or Compartmentalization
Overview promptflow-tools is a Prompt flow built-in tools Affected versions of this package are vulnerable to Improper Isolation or Compartmentalization due to improper isolation or compartmentalization in the handling of Jinja templates. Remediation Upgrade promptflow-tools to version 1.6.0 or...
promptflow-image-bundle (=0.1.0) potentially affected by CVE-2025-24986 via promptflow-tools (=0.1.0b12)
promptflow-tools PYPI version =0.1.0b12 is affected by a known vulnerability. The following packages have a transitive dependency on promptflow-tools and may be impacted: - promptflow-image-bundle =0.1.0 Source cves: CVE-2025-24986 Source advisory: OSV:GHSA-GPRR-V9F2-PX3C...
Microsoft Azure 安全漏洞
Microsoft Azure is a suite of open, enterprise-grade cloud computing platforms from Microsoft USA. A security vulnerability exists in Microsoft Azure. An attacker exploiting this vulnerability could remotely execute code. The following products and versions are affected: Azure promptflow-core,Azu...