com.azure:azure-storage-blob@12.11.0-beta.3 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the com.azure:azure-storage-blob package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Information Exposure

com.azure:azure-storage-blob is a Microsoft Azure client library for Blob Storage

Affected versions of this package are vulnerable to Information Exposure. Attackers can expose the contents of a file or blob when client-side encryption is in use.

NOTE: The vendor advises that client-side encryption is a very uncommon use case.

How to fix Information Exposure?

Upgrade com.azure:azure-storage-blob to version 12.18.0 or higher.

[,12.18.0)