VYPR
Moderate severityNVD Advisory· Published Jan 12, 2021· Updated Oct 8, 2024

Bot Framework SDK Information Disclosure Vulnerability

CVE-2021-1725

Description

Bot Framework SDK Information Disclosure Vulnerability

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
botframework-connectornpm
>= 4.7.0, < 4.7.34.7.3
botframework-connectornpm
>= 4.8.0, < 4.8.14.8.1
botframework-connectornpm
>= 4.9.0, < 4.9.44.9.4
botframework-connectornpm
>= 4.10.0, < 4.10.34.10.3

Affected products

4
  • Microsoft/Bot Framework SDK for JavaScriptv5
    cpe:2.3:a:microsoft:bot_framework_software_development_kit:-:*:*:*:*:javascript:*:*
    Range: 4.0.0
  • cpe:2.3:a:microsoft:bot_framework_software_development_kit:-:*:*:*:*:.net_framework:*:*
    Range: 4.0.0
  • Microsoft/Bot Framework SDK for Pythonv5
    cpe:2.3:a:microsoft:bot_framework_software_development_kit:-:*:*:*:*:python:*:*
    Range: 4.0.0
  • ghsa-coords
    Range: >= 4.7.0, < 4.7.3

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.