GCVE-VVD-CLOUD-2023-0010

Advisory Published

Vulnetix · Advisory published November 14, 2023

Azure CLI commands were found to leak sensitive information, including credentials, through GitHub Actions logs. The vulnerability affects multiple Azure CLI commands and could expose secrets in public and private repositories. Microsoft has issued updates to Azure CLI, Azure Pipelines, and GitHub Actions to address the issue.

Download JSON Open in Console

Affected Products

Vendor	Product	Versions	Platforms
GitHub	Azure CLI	—	—
Azure	Azure CLI	—	—
Azure	AKS	—	—
Azure	Cloud Services	—	—

Aliases

CVE-2023-36052

Transitive aliases

EUVD-2023-40035 GHSA-m32x-6xp4-26j2 VVD-CISA-2023-36052 MSRC_CVE-2023-36052 BIT-azure-cli-2023-36052 GSD-2023-36052 BDU:2023-07984 VVD-CLOUD-2023-0011

References

Azure CLI Leaks Credentials in GitHub Actions Logs

advisory

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON