53 matches found
Cleartext Storage of Sensitive Information
Overview Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information in in Azure Compute Gallery, which writes MAA tokens in the debug log. Remediation Upgrade github.com/Microsoft/confidential-sidecar-containers/cmd/azmount/filemanager to version 2.12 or higher...
Cleartext Storage of Sensitive Information
Overview Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information in in Azure Compute Gallery, which writes MAA tokens in the debug log. Remediation Upgrade github.com/Microsoft/confidential-sidecar-containers/pkg/skr to version 2.12 or higher. References -...
CVE-2026-23655
Cleartext storage of sensitive information in Azure Compute Gallery allows an authorized attacker to disclose information over a network...
CVE-2026-23655
Cleartext storage of sensitive information in Azure Compute Gallery allows an authorized attacker to disclose information over a network...
CVE-2026-21522
Improper neutralization of special elements used in a command 'command injection' in Azure Compute Gallery allows an authorized attacker to elevate privileges locally...
CVE-2026-21522
Improper neutralization of special elements used in a command 'command injection' in Azure Compute Gallery allows an authorized attacker to elevate privileges locally...
CVE-2026-21522
Improper neutralization of special elements used in a command 'command injection' in Azure Compute Gallery allows an authorized attacker to elevate privileges locally...
CVE-2026-23655
Cleartext storage of sensitive information in Azure Compute Gallery allows an authorized attacker to disclose information over a network...
Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability
Improper neutralization of special elements used in a command 'command injection' in Azure Compute Gallery allows an authorized attacker to elevate privileges locally...
Microsoft ACI Confidential Containers Information Disclosure Vulnerability
Cleartext storage of sensitive information in Azure Compute Gallery allows an authorized attacker to disclose information over a network...
PT-2026-7414
Name of the Vulnerable Software and Affected Versions Azure Compute Gallery affected versions not specified Description An authorized attacker may be able to disclose sensitive information over a network due to the cleartext storage of that information within Azure Compute Gallery. Approximately...
PT-2026-7405
Improper neutralization of special elements used in a command 'command injection' in Azure Compute Gallery allows an authorized attacker to elevate privileges locally...
Microsoft Azure Compute Gallery 命令注入漏洞
Microsoft Azure Compute Gallery is a service provided by Microsoft in the United States that manages virtual machines. There is a command injection vulnerability present in Microsoft Azure Compute Gallery. Attackers can exploit this vulnerability to gain higher privileges...
Microsoft Azure Compute Gallery 安全漏洞
Microsoft Azure Compute Gallery is a service provided by Microsoft in the United States that manages virtual machines. There are security vulnerabilities in Microsoft Azure Compute Gallery. Attackers can exploit these vulnerabilities to obtain sensitive information...
CVE-2025-59503
Server-side request forgery ssrf in Azure Compute Gallery allows an unauthorized attacker to elevate privileges over a network...
EUVD-2025-35744
Server-side request forgery ssrf in Azure Compute Gallery allows an authorized attacker to elevate privileges over a network...
CVE-2025-59503
Server-side request forgery ssrf in Azure Compute Gallery allows an unauthorized attacker to elevate privileges over a network...
Azure Compute Resource Provider Elevation of Privilege Vulnerability
Server-side request forgery ssrf in Azure Compute Gallery allows an unauthorized attacker to elevate privileges over a network...
PT-2025-43564
Name of the Vulnerable Software and Affected Versions Azure Compute Gallery affected versions not specified Description An authorized attacker can elevate privileges over a network due to a server-side request forgery issue in Azure Compute Gallery. This allows for potential misuse of network...
Microsoft Azure Compute Gallery 代码问题漏洞
Microsoft Azure Compute Gallery is a service for managing virtual machines from Microsoft Corporation in the United States. A code issue vulnerability exists in Microsoft Azure Compute Gallery that stems from server-side request forgery and could lead to an authorized attacker to elevate privileg...