PYSEC-2022-43177
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/azure-cli/PYSEC-2022-43177.yaml
- JSON Data
- https://api.osv.dev/v1/vulns/PYSEC-2022-43177
- Aliases
- Related
- Published
- 2022-10-25T17:15:56Z
- Modified
- 2025-04-09T17:59:29.945839Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Azure CLI is the command-line interface for Microsoft Azure. In versions previous to 2.40.0, Azure CLI contains a vulnerability for potential code injection. Critical scenarios are where a hosting machine runs an Azure CLI command where parameter values have been provided by an external source. The vulnerability is only applicable when the Azure CLI command is run on a Windows machine and with any version of PowerShell and when the parameter value contains the
&or|symbols. If any of these prerequisites are not met, this vulnerability is not applicable. Users should upgrade to version 2.40.0 or greater to receive a a mitigation for the vulnerability. - References
Affected packages
PyPI / azure-cli
Package
- Name
- azure-cli
- View open source insights on deps.dev
- Purl
- pkg:pypi/azure-cli
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.40.0
Affected versions
0.*
0.1.0b4
0.1.0b7
0.1.0b8
0.1.0b9
0.1.0b10
0.1.0b11
0.1.1b1
0.1.1b2
0.1.1b3
0.1.2rc1
0.1.2rc2
2.*
2.0.0
2.0.1
2.0.2
2.0.3
2.0.4
2.0.5
2.0.6
2.0.7
2.0.8
2.0.9
2.0.10
2.0.12
2.0.13
2.0.14
2.0.15
2.0.16
2.0.17
2.0.18
2.0.19
2.0.20
2.0.21
2.0.22
2.0.23
2.0.24
2.0.25
2.0.26
2.0.27
2.0.28
2.0.29
2.0.30
2.0.31
2.0.32
2.0.33
2.0.34
2.0.35
2.0.37
2.0.38
2.0.40
2.0.41
2.0.42
2.0.43
2.0.44
2.0.45
2.0.46
2.0.47
2.0.48
2.0.49
2.0.50
2.0.51
2.0.52
2.0.53
2.0.54
2.0.55
2.0.56
2.0.57
2.0.58
2.0.59
2.0.60
2.0.61
2.0.62
2.0.63
2.0.64
2.0.65
2.0.66
2.0.67
2.0.68
2.0.69
2.0.70
2.0.71
2.0.72
2.0.73
2.0.74
2.0.75
2.0.76
2.0.77
2.0.78
2.0.79
2.0.80
2.0.81
2.1.0
2.2.0
2.3.0
2.3.1
2.4.0
2.5.0
2.5.1
2.6.0
2.7.0
2.8.0
2.9.0
2.9.1
2.10.0
2.10.1
2.11.0
2.11.1
2.12.0
2.12.1
2.13.0
2.14.0
2.14.1
2.14.2
2.15.0
2.15.1
2.16.0
2.17.0
2.17.1
2.18.0
2.19.0
2.19.1
2.20.0
2.21.0
2.22.0
2.22.1
2.23.0
2.24.0
2.24.1
2.24.2
2.25.0
2.26.0
2.26.1
2.27.0
2.27.1
2.27.2
2.28.0
2.28.1
2.29.0
2.29.1
2.29.2
2.30.0
2.31.0
2.32.0
2.33.0
2.33.1
2.34.0
2.34.1
2.35.0
2.36.0
2.37.0
2.38.0
2.39.0