VYPR
Moderate severityNVD Advisory· Published Jun 11, 2024· Updated Dec 17, 2025

Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability

CVE-2024-35255

Description

Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
azure-identityPyPI
< 1.16.11.16.1
@azure/identitynpm
< 4.2.14.2.1
com.azure:azure-identityMaven
< 1.12.21.12.2
@azure/msal-nodenpm
>= 2.7.0, < 2.9.22.9.2
Microsoft.Identity.ClientNuGet
>= 4.49.1, < 4.60.44.60.4
github.com/Azure/azure-sdk-for-go/sdk/azidentityGo
< 1.6.0-beta.4.0.20240610221955-50774cd970991.6.0-beta.4.0.20240610221955-50774cd97099
com.microsoft.azure:msal4jMaven
>= 1.14.4-beta, < 1.15.11.15.1
Azure.IdentityNuGet
< 1.11.41.11.4
Microsoft.Identity.ClientNuGet
>= 4.61.0, < 4.61.34.61.3

Affected products

2088

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.