You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Description:
We are using the Docker image mcr.microsoft.com/azure-functions/dotnet-isolated:4-dotnet-isolated8.0. This image includes Microsoft.Identity.Client version 4.60.3.0, which is affected by CVE-2024-35255. Please update Microsoft.Identity.Client to a version that addresses this vulnerability.
Steps to Reproduce:
Use mcr.microsoft.com/azure-functions/dotnet-isolated:4-dotnet-isolated8.0 in a Dockerfile.
Run a vulnerability scan (I'm using Grype).
Expected Behavior:
No critical vulnerabilities should be present.
Actual Behavior: CVE-2024-35255 is detected due to Microsoft.Identity.Client version 4.60.3.0.
Additional Context:
Confirm version 4.60.3.0 of Microsoft.Identity.Client in the Docker image.
The text was updated successfully, but these errors were encountered:
Description:
We are using the Docker image
mcr.microsoft.com/azure-functions/dotnet-isolated:4-dotnet-isolated8.0. This image includesMicrosoft.Identity.Clientversion 4.60.3.0, which is affected by CVE-2024-35255. Please updateMicrosoft.Identity.Clientto a version that addresses this vulnerability.Steps to Reproduce:
mcr.microsoft.com/azure-functions/dotnet-isolated:4-dotnet-isolated8.0in a Dockerfile.Expected Behavior:
No critical vulnerabilities should be present.
Actual Behavior:
CVE-2024-35255 is detected due to
Microsoft.Identity.Clientversion 4.60.3.0.Additional Context:
Confirm version 4.60.3.0 of
Microsoft.Identity.Clientin the Docker image.The text was updated successfully, but these errors were encountered: