Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ADMINAPI-1056] - Version upgrade for OpenIddict.EntityFrameworkCore and Microsoft.Enti… #170

Merged
merged 7 commits into from
Sep 26, 2024
Merged

[ADMINAPI-1056] - Version upgrade for OpenIddict.EntityFrameworkCore and Microsoft.Enti… #170

merged 7 commits into from
Sep 26, 2024

Conversation

DavidJGapCR
Copy link
Contributor

…tyFrameworkCore.

@github-actions GitHub Actions
Copy link

github-actions bot commented Sep 23, 2024
edited
Loading

Test Results

14 tests   14 ✅  0s ⏱️
 1 suites   0 💤
 1 files     0 ❌

Results for commit 17000a9.

♻️ This comment has been updated with latest results.

@github-actions GitHub Actions
Copy link

github-actions bot commented Sep 26, 2024
edited
Loading

🔍 Vulnerabilities of development:latest

📦 Image Reference development:latest
digestsha256:262ba6529132badaf45fb7c008cfa11092b499a806f857bdfc6551097b21076c
vulnerabilitiescritical: 0 high: 0 medium: 3 low: 0
platformlinux/amd64
size89 MB
packages561
📦 Base Image alpine:3.19
also known as
  • 3.19.4
digestsha256:f11993ab46a7e9f2d09007f8b7cbcc75e48e3691f9ae8d579fe4cb988d7b4ccd
vulnerabilitiescritical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 0 medium: 1 low: 0 Azure.Identity 1.11.3 (nuget)

pkg:nuget/[email protected]

medium 5.5: CVE--2024--35255 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Affected range<1.11.4
Fixed version1.11.4
CVSS Score5.5
CVSS VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Description

Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability.

critical: 0 high: 0 medium: 1 low: 0 Microsoft.Identity.Client 4.60.3.0 (nuget)

pkg:nuget/[email protected]

medium 5.5: CVE--2024--35255 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Affected range>=4.49.1
<4.60.4
Fixed version4.61.3
CVSS Score5.5
CVSS VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Description

Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability.

critical: 0 high: 0 medium: 1 low: 0 Microsoft.Identity.Client 4.60.3 (nuget)

pkg:nuget/[email protected]

medium 5.5: CVE--2024--35255 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Affected range>=4.49.1
<4.60.4
Fixed version4.61.3
CVSS Score5.5
CVSS VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Description

Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability.

@DavidJGapCR DavidJGapCR merged commit 7425d5e into main Sep 26, 2024
14 checks passed
@DavidJGapCR DavidJGapCR deleted the ADMINAPI-1056 branch September 26, 2024 21:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jagudelo-gap jagudelo-gap jagudelo-gap approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@DavidJGapCR @jagudelo-gap