Microsoft Identity Web
by Microsoft
Source repositories
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-32016 | Med | 0.24 | 4.7 | 0.00 | Apr 9, 2025 | Microsoft Identity Web is a library which contains a set of reusable classes used in conjunction with ASP.NET Core for integrating with the Microsoft identity platform (formerly Azure AD v2.0 endpoint) and AAD B2C. This vulnerability affects confidential client applications,… | ||
| CVE-2024-21319 | 0.00 | — | 0.01 | Jan 9, 2024 | Microsoft Identity Denial of service vulnerability | |||
| CVE-2019-1006 | 0.00 | — | 0.03 | Jul 15, 2019 | An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'. |
- risk 0.24cvss 4.7epss 0.00
Microsoft Identity Web is a library which contains a set of reusable classes used in conjunction with ASP.NET Core for integrating with the Microsoft identity platform (formerly Azure AD v2.0 endpoint) and AAD B2C. This vulnerability affects confidential client applications,…
- CVE-2024-21319Jan 9, 2024risk 0.00cvss —epss 0.01
Microsoft Identity Denial of service vulnerability
- CVE-2019-1006Jul 15, 2019risk 0.00cvss —epss 0.03
An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.