VYPR

Microsoft Identity Web

by Microsoft

Source repositories

CVEs (3)

  • CVE-2019-1006HigJul 15, 2019
    risk 0.49cvss 7.5epss 0.06

    An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.

  • CVE-2024-21319MedJan 9, 2024
    risk 0.44cvss 6.8epss 0.03

    Microsoft Identity Denial of service vulnerability

  • CVE-2025-32016MedApr 9, 2025
    risk 0.24cvss 4.7epss 0.00

    Microsoft Identity Web is a library which contains a set of reusable classes used in conjunction with ASP.NET Core for integrating with the Microsoft identity platform (formerly Azure AD v2.0 endpoint) and AAD B2C. This vulnerability affects confidential client applications,…