Skip to content

Please clarify which commit fixes CVE-2025-24049 #31036

New issue
New issue
Closed
Closed
Please clarify which commit fixes CVE-2025-24049#31036
Assignees
beboundjsntcy
Labels
Azure CLI TeamThe command of the issue is owned by Azure CLI teamSecurity-Issuecustomer-reportedIssues that are reported by GitHub users external to the Azure organization.needs-triageThis is a new issue that needs to be triaged to the appropriate team.
Milestone
Backlog
@glaubitz

Description

@glaubitz
glaubitz
opened on Mar 14, 2025

Type of issue

Missing information

Reference command name

N/A

Feedback

Microsoft's security tracker reports that there was the CVE-2025-24049 [1] in Azure CLI up to excluding 2.69.0 but there is not a single clue what particular commit fixes this CVE.

Without knowing the exact commit, it is not possible for Linux distributions to address a particular CVE.

Please note that especially enterprise distributions can't always simply upgrade to the latest upstream version as such a process is more involved and complicated since it involves a lot of QA testing.

Can you therefore please disclose what particular commit fixed CVE-2025-24049?

Thanks!

[1] https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24049

Page URL

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24049

Content source URL

No response

Author

No response

Document Id

No response

Metadata

Metadata

Assignees

Labels

Azure CLI TeamThe command of the issue is owned by Azure CLI teamSecurity-Issuecustomer-reportedIssues that are reported by GitHub users external to the Azure organization.needs-triageThis is a new issue that needs to be triaged to the appropriate team.

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions