Vulnerabilities fixed in Microsoft Azure

Microsoft has fixed vulnerabilities in several Azure components. A malicious party could exploit the vulnerabilities to impersonate another user, potentially grant themselves elevated privileges and thus execute arbitrary code or gain access to sensitive data. Of the vulnerabilities labeled...

EUVD-2026-5521

Azure Function Information Disclosure Vulnerability...

CVE-2026-21532

Azure Function Information Disclosure Vulnerability...

Azure Function Information Disclosure Vulnerability

...

PT-2026-6636

Name of the Vulnerable Software and Affected Versions Azure Function affected versions not specified Description An information disclosure issue exists in Azure Function. The issue allows for the potential disclosure of information. Recommendations At the moment, there is no information about a...

Spring Cloud Function for Azure Function

What is the Spring Cloud Function? Spring Cloud Function is a SpringBoot-based framework allowing users to concentrate on their business logic by implementing them as Java Functions i.e., Supplier, Function, Consumer. In turn the framework provides necessary abstraction to enable execution of the...

org.jenkins-ci.plugins:azure-acs (>=0.1.0 <=0.2.4), org.jenkins-ci.plugins:azure-app-service (>=0.1 <=0.4.2) +8 more potentially affected by CVE-2023-25768 via org.jenkins-ci.plugins:azure-credentials (>=1.0 <=1.6.1)

org.jenkins-ci.plugins:azure-credentials MAVEN version =1.0, =0.1.0, =0.1, =0.3.0, =0.6.0, =3.0.0, =0.1.0, =1.0.0, =0.4.8, =0.1.0, =1.3, =1.5 Source cves: CVE-2023-25768 Source advisory: OSV:GHSA-PX2R-CMR2-PHW7...

Stronger Cloud Security in Azure Function Using Custom Cloud Container

In this entry, we discuss how developers can use custom cloud container image and the distroless approach to minimize security gaps in Azure Function...

Malicious code in azure-function-core-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 11ecdbb74c41602ea68433f7958e933687b012943bc3c9fdcf70f5161cf07443 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in azure-function-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 30aa8c48188c48e64471edb39f458daec140740e31347a3cc36166eeb877db6a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-1332 Malicious code in azure-function-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 30aa8c48188c48e64471edb39f458daec140740e31347a3cc36166eeb877db6a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AzureC2Relay - An Azure Function That Validates And Relays Cobalt Strike Beacon Traffic By Verifying The Incoming Requests Based On A Cobalt Strike Malleable C2 Profile

AzureC2Relay is an Azure Function that validates and relays Cobalt Strike beacon traffic by verifying the incoming requests based on a Cobalt Strike Malleable C2 profile. Any incoming requests that do not share the profiles user-agent, URI paths, headers, and query parameters, will be redirected ...