CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-35255 – Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-35255
11 Jun 2024 — Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en las librerías de identidad de Azure y la librería de autenticación de Microsoft A flaw was found in Microsoft's Azure Identity Libraries and the Microsoft Authentication Library (MSAL). The flaw arises from a race condition—a scenario where the timing of events leads to unexpected behavior—during concurrent operations on shared resources. This can result in privile... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35255 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-1487
https://notcve.org/view.php?id=CVE-2019-1487
10 Dec 2019 — An information disclosure vulnerability in Android Apps using Microsoft Authentication Library (MSAL) 0.3.1-Alpha or later exists under specific conditions, aka 'Microsoft Authentication Library for Android Information Disclosure Vulnerability'. Hay una vulnerabilidad de divulgación de información en aplicaciones de Android que utilizan Microsoft Authentication Library (MSAL) versión 0.3.1-Alpha o posterior, en condiciones específicas, también se conoce como "Microsoft Authentication Library for Android Inf... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1487 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •