azure-storage-blob@12.10.0b2 vulnerabilities

Microsoft Azure Blob Storage Client Library for Python

Direct Vulnerabilities

Known vulnerabilities in the azure-storage-blob package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Information Exposure

azure-storage-blob is a Microsoft Azure Blob Storage Client Library for Python

Affected versions of this package are vulnerable to Information Exposure. Attackers can expose the contents of a file or blob when client-side encryption is in use.

NOTE: The vendor advises that client-side encryption is a very uncommon use case.

How to fix Information Exposure?

Upgrade azure-storage-blob to version 12.13.0 or higher.

[,12.13.0)