NuGet package
microsoft.identitymodel.clients.activedirectory
pkg:nuget/microsoft.identitymodel.clients.activedirectory
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-1258 | Hig | 8.8 | >= 5.0.0, < 5.2.0 | 5.2.0 | Aug 14, 2019 | An elevation of privilege vulnerability exists in Azure Active Directory Authentication Library On-Behalf-Of flow, in the way the library caches tokens. This vulnerability allows an authenticated attacker to perform actions in context of another user. The authenticated attacker c |
- affected >= 5.0.0, < 5.2.0fixed 5.2.0
An elevation of privilege vulnerability exists in Azure Active Directory Authentication Library On-Behalf-Of flow, in the way the library caches tokens. This vulnerability allows an authenticated attacker to perform actions in context of another user. The authenticated attacker c