Microsoft Azure Functions vulnerabilities
3 known vulnerabilities affecting microsoft/azure_functions.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2
Vulnerabilities
Page 1 of 1
CVE-2020-16904P2CRITICALCVSS 9.8vN/A2020-10-16
CVE-2020-16904 [CRITICAL] CWE-863 CVE-2020-16904: <p>An elevation of privilege vulnerability exists in the way Azure Functions validate access keys.</
An elevation of privilege vulnerability exists in the way Azure Functions validate access keys.
An unauthenticated attacker who successfully exploited this vulnerability could invoke an HTTP Function without proper authorization.
This security update addresses the vulnerability by correctly validating access keys used to access HTTP Functions.
nvd
CVE-2025-33074P3HIGHCVSS 8.8v-2025-04-30
CVE-2025-33074 [HIGH] CWE-347 CVE-2025-33074: Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized a
Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network.
nvd
CVE-2026-21532P3HIGHCVSS 8.2v-2026-02-05
CVE-2026-21532 [HIGH] CWE-200 CVE-2026-21532: Azure Function Information Disclosure Vulnerability
Azure Function Information Disclosure Vulnerability
nvd