What Changed
Updated the Python requests library dependency from versions 2.31.0 and 2.32.2 to 2.32.4 across three data connector solutions: Auth0, Alibaba Cloud, and CrowdStrike Falcon Threat Intelligence. This affects Function App-based connectors that handle API communications for log ingestion.
Security Impact (Visibility & Fidelity)
The requests library is critical for HTTP communications in these Function App connectors. Older versions may contain security vulnerabilities that could affect data ingestion reliability or expose authentication tokens during API calls.
Deployments running connector versions with requests 2.31.0 or 2.32.2 should update immediately. The update addresses potential security issues in HTTP request handling that could impact the secure ingestion of Auth0 audit logs, Alibaba Cloud events, and CrowdStrike threat intelligence data.
CVE relevance unverified — review release notes for requests 2.32.4 to confirm security fixes addressed.
Affected Files
Solutions/Alibaba Cloud/DataConnectors/AliCloudConn.zip Solutions/Alibaba Cloud/DataConnectors/requirements.txt Solutions/Auth0/Data Connectors/Auth0Connector.zip Solutions/Auth0/Data Connectors/requirements.txt Solutions/CrowdStrike Falcon Endpoint Protection/Data Connectors/CrowdStrikeFalconAdversaryIntelligence/CrowdStrikeFalconThreatIntelConnector.zip Solutions/CrowdStrike Falcon Endpoint Protection/Data Connectors/CrowdStrikeFalconAdversaryIntelligence/requirements.txt