Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
- Severity:
- Medium
Description
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability.
Recommendation
Update the @azure/msal-node package to the latest compatible version. Followings are version details:
- Affected version(s): >= 2.7.0, < 2.9.2
- Patched version(s): 2.9.2
References
Related Issues
- Vite dev server option `server.fs.deny` can be bypassed when hosted on case-insensitive filesystem - CVE-2024-23331
- Materialize-css vulnerable to Cross-site Scripting in autocomplete component (GHSA-7752-f4gf-94gc) - CVE-2019-11003
- xmlhttprequest and xmlhttprequest-ssl vulnerable to Arbitrary Code Injection (GHSA-h4j5-c7cj-74xg) - CVE-2020-28502
- @dependencytrack/frontend vulnerable to Persistent Cross-Site-Scripting via Vulnerability Details - CVE-2022-39350
- Tags:
- npm
- @azure/msal-node
Anything's wrong? Let us know Last updated on July 22, 2025