CVE-2022-39327: GitHub: CVE-2022-39327 Improper Control of Generation of Code ('Code Injection') in Azure CLI

Overview

Severity

N/A

Category

Remote Code Execution

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2022-Nov

Released

2022-11-08

EPSS Score

1.31% (percentile: 79.8%)

FAQ

Why is this GitHub CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Azure cli, which is published on GitHub and for which GitHub is the CVE Naming Authority (CNA). It is being documented in the Security Update Guide to inform customers using the azure-cli that they need to apply the updated version. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

Affected Products (1)

Azure

• Azure CLI

Security Updates (1)

• Improper Control of Generation of Code ('Code Injection') in Azure CLI

Revision History

• 2022-11-08: Information published.