VDB

GCVE-VVD-CLOUD-2023-0010

GCVE-VVD-CLOUD-2023-0010
Advisory Published
Vulnetix · Advisory published November 14, 2023
Azure CLI commands were found to leak sensitive information, including credentials, through GitHub Actions logs. The vulnerability affects multiple Azure CLI commands and could expose secrets in public and private repositories. Microsoft has issued updates to Azure CLI, Azure Pipelines, and GitHub Actions to address the issue.
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
GitHubAzure CLI
AzureAzure CLI
AzureAKS
AzureCloud Services

Aliases

CVE-2023-36052

Transitive aliases

EUVD-2023-40035GHSA-m32x-6xp4-26j2VVD-CISA-2023-36052MSRC_CVE-2023-36052BIT-azure-cli-2023-36052GSD-2023-36052BDU:2023-07984VVD-CLOUD-2023-0011

References

Azure CLI Leaks Credentials in GitHub Actions Logs
advisory
advisory
advisory

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›