Currently, Image Builder ends up transitively referencing Azure.Identity.1.7.0 via Microsoft.Data.SqlClient.5.1.1 and
Microsoft.Azure.Kusto.Ingest.11.3.1. That version of Azure.Identity is marked as vulnerable and should be updated to latest (1.10.2) via an explicit reference.
Currently, Image Builder ends up transitively referencing Azure.Identity.1.7.0 via Microsoft.Data.SqlClient.5.1.1 and Microsoft.Azure.Kusto.Ingest.11.3.1. That version of Azure.Identity is marked as vulnerable and should be updated to latest (1.10.2) via an explicit reference.