2 matches found
CVE-2021-1725
CVE-2021-1725 corresponds to a Bot Framework SDK Information Disclosure vulnerability. Connected sources show the issue in the Bot Framework’s botframework-connector component, where a malicious claim could be incorrectly authenticated when bots are not configured as a Skill. The root cause invol...
CVE-2021-43225
CVE-2021-43225 affects the Microsoft Bot Framework SDK and is described as a remote code execution vulnerability. Multiple connected sources (CNVD-2021-101713, NVD entry, OSV) corroborate that the Bot Framework SDK is vulnerable to remote code execution; the CNVD entry explicitly references the M...