28 matches found
CVE-2026-21532
Azure Function Information Disclosure Vulnerability...
CVE-2026-21532 Azure Function Information Disclosure Vulnerability
...
CVE-2026-21532 Azure Function Information Disclosure Vulnerability
...
Microsoft Azure Functions 信息泄露漏洞
Microsoft Azure Functions is a hosted Platform-as-a-Service PaaS provider from Microsoft Corporation USA that delivers event-driven and scheduled compute resources for Azure cloud services. An information disclosure vulnerability exists in Microsoft Azure Functions, which can be exploited by an...
GHSA-5RRX-JJJQ-Q2R5 vulnerabilities
Vulnerabilities for packages: dotnet, dotnet-bootstrap, azure-functions-extension-bundles...
CVE-2025-55315 vulnerabilities
Vulnerabilities for packages: dotnet, dotnet-bootstrap, azure-functions-extension-bundles...
EUVD-2020-8862
Malware in sbrugna...
MAL-2025-42126 Malicious code in azure-functions-templates-build (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b042b6071c2aede4bcb5d299376c83daa1a911adb92cc27204804dba0b29dbc3 The OpenSSF Package Analysis project identified 'azure-functions-templates-build' @ 1.0.0 npm as malicious. It is considered malicious because: ...
CVE-2025-33074
Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network...
CVE-2025-33074 Azure Functions Remote Code Execution Vulnerability
...
CVE-2025-33074 Azure Functions Remote Code Execution Vulnerability
...
Azure Functions Remote Code Execution Vulnerability
Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network...
November Microsoft Patch Tuesday
November Microsoft Patch Tuesday. 125 CVEs, 35 of which were added since October MSPT. 2 vulnerabilities with signs of exploitation in the wild: Elevation of Privilege - Windows Task Scheduler CVE-2024-49039 Disclosure/Spoofing - NTLM Hash CVE-2024-43451 No signs of exploitation, but with a priva...
PT-2024-7082 · Microsoft · Azure Functions +1
Name of the Vulnerable Software and Affected Versions: Imagine Cup affected versions not specified Description: The issue is related to improper access control in Imagine Cup, allowing an authorized attacker to elevate privileges over a network. This can potentially lead to unauthorized access to...
Newly Discovered "By-Design" Flaw in Microsoft Azure Could Expose Storage Accounts to Hackers
A "by-design flaw" uncovered in Microsoft Azure could be exploited by attackers to gain access to storage accounts, move laterally in the environment, and even execute remote code. "It is possible to abuse and leverage Microsoft Storage Accounts by manipulating Azure Functions to steal...
Best practices regarding Azure Storage Keys, Azure Functions, and Azure Role Based Access
Summary Azure provides developers and security operations staff a wide array of configurable security options to meet organizational needs. Throughout the software development lifecycle, it is important for customers to understand the shared responsibility model, as well as be familiar with vario...
Microsoft Azure Services Flaws Could've Exposed Cloud Resources to Unauthorized Access
Four different Microsoft Azure services have been found vulnerable to server-side request forgery SSRF attacks that could be exploited to gain unauthorized access to cloud resources. The security issues, which were discovered by Orca between October 8, 2022 and December 2, 2022 in Azure API...
Stronger Cloud Security in Azure Functions Using Custom Cloud Container
In this entry, we discuss how developers can use custom cloud container image and the distroless approach to minimize security gaps in Azure Functions...
MAL-2022-1331 Malicious code in azure-function-core-tools (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 11ecdbb74c41602ea68433f7958e933687b012943bc3c9fdcf70f5161cf07443 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1333 Malicious code in azure-functions-ux-build (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8c5287c7ea0d869d1e5f712945de550f0fe6f516ac825227f90c65c65f9a7f11 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...