Skip to content

requests needs upgrade to 2.32.4 #31704

Closed
#31708
Closed
requests needs upgrade to 2.32.4#31704
#31708
Assignees
bebound
Labels
Azure CLI TeamThe command of the issue is owned by Azure CLI teamSecurity-Issuecustomer-reportedIssues that are reported by GitHub users external to the Azure organization.feature-request
Milestone
Backlog
@MallocArray

Description

@MallocArray
MallocArray
opened on Jun 24, 2025

Describe the bug

https://github.com/Azure/azure-cli/blob/dev/src/azure-cli/requirements.py3.Linux.txt is pinned to version 2.32.3

There is a moderate vulnerability in this version that is resolved in 2.32.4
https://avd.aquasec.com/nvd/2024/cve-2024-47081/

Related command

Trivy security scan of container after installing az cli 2.74.0

Errors

https://avd.aquasec.com/nvd/2024/cve-2024-47081/

Issue script & Debug output

N/A

Expected behavior

No vulnerable packages are detected

Environment Summary

azure-cli 2.74.0

core 2.74.0
telemetry 1.1.0

Dependencies:
msal 1.32.3
azure-mgmt-resource 23.3.0

Python location '/usr/bin/python3.12'
Config directory '/root/.azure'
Extensions directory '/root/.azure/cliextensions'

Python (Linux) 3.12.10 (main, May 9 2025, 00:00:00) [GCC 11.5.0 20240719 (Red Hat 11.5.0-5)]

Legal docs and information: aka.ms/AzureCliLegal

Additional context

No response

Metadata

Metadata

Assignees

Labels

Azure CLI TeamThe command of the issue is owned by Azure CLI teamSecurity-Issuecustomer-reportedIssues that are reported by GitHub users external to the Azure organization.feature-request

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions