本ページは microsoft azure_functions に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2026-21532 | Azure Function Information Disclosure Vulnerability | [email protected] | 8.2 | 0.84% | 2026-02-05 | 2026-06-17 |
| CVE-2025-33074 | Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network. | [email protected] | 7.5 | 0.46% | 2025-04-30 | 2026-06-17 |
| CVE-2024-49052 | Missing authentication for critical function in Microsoft Azure PolicyWatch allows an unauthorized attacker to elevate privileges over a network. | [email protected] | 8.2 | 0.68% | 2024-11-26 | 2026-06-17 |
| CVE-2024-38204 | Improper access control in Imagine Cup allows an authorized attacker to elevate privileges over a network. | [email protected] | 7.5 | 0.96% | 2024-10-15 | 2026-06-17 |
| CVE-2020-16904 | <p>An elevation of privilege vulnerability exists in the way Azure Functions validate access keys.</p> <p>An unauthenticated attacker who successfully exploited this vulnerability could invoke an HTTP Function without proper authorization.</p> <p>This security update addresses the vulnerability by correctly validating access keys used to access HTTP Functions.</p> | [email protected] | 5.3 | 3.37% | 2020-10-16 | 2026-06-16 |