CERTFR-2026-AVI-0873
Vulnerability from certfr_avis - Published: 2026-07-15 - Updated: 2026-07-15
De multiples vulnérabilités ont été découvertes dans Microsoft Azure Linux. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Microsoft | Azure Linux | azl3 libXfont2 2.0.6-1 versions antérieures à 2.0.8-1 | ||
| Microsoft | Azure Linux | azl3 telegraf 1.31.0-23 versions antérieures à 1.31.0-25 | ||
| Microsoft | Azure Linux | azl3 clamav 1.5.2-3 versions antérieures à 1.5.3-1 | ||
| Microsoft | Azure Linux | azl3 glib 2.78.6-9 versions antérieures à 2.78.6-10 | ||
| Microsoft | Azure Linux | azl3 mtr 0.95-3 versions antérieures à 0.95-4 | ||
| Microsoft | Azure Linux | azl3 xorg-x11-server-Xwayland 24.1.12-1 versions antérieures à 24.1.13-1 | ||
| Microsoft | Azure Linux | azl3 python-msgpack 1.0.5-2 versions antérieures à 1.0.5-3 | ||
| Microsoft | Azure Linux | azl3 curl 8.11.1-9 versions antérieures à 8.11.1-10 | ||
| Microsoft | Azure Linux | azl3 erlang 26.2.5.21-2 versions antérieures à 26.2.5.21-3 | ||
| Microsoft | Azure Linux | azl3 openssh 9.8p1-8 versions antérieures à 9.8p1-9 | ||
| Microsoft | Azure Linux | azl3 python-setuptools 69.0.3-5 versions antérieures à 69.0.3-6 | ||
| Microsoft | Azure Linux | azl3 nodejs 24.17.0-1 versions antérieures à 24.17.0-2 | ||
| Microsoft | Azure Linux | azl3 vim 9.2.0735-1 versions antérieures à 9.2.0782-1 | ||
| Microsoft | Azure Linux | azl3 keras 3.3.3-7 versions antérieures à 3.3.3-8 | ||
| Microsoft | Azure Linux | azl3 perl-DBI 1.643-5 versions antérieures à 1.650-1 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "azl3 libXfont2 2.0.6-1 versions ant\u00e9rieures \u00e0 2.0.8-1",
"product": {
"name": "Azure Linux",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 telegraf 1.31.0-23 versions ant\u00e9rieures \u00e0 1.31.0-25",
"product": {
"name": "Azure Linux",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 clamav 1.5.2-3 versions ant\u00e9rieures \u00e0 1.5.3-1",
"product": {
"name": "Azure Linux",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 glib 2.78.6-9 versions ant\u00e9rieures \u00e0 2.78.6-10",
"product": {
"name": "Azure Linux",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 mtr 0.95-3 versions ant\u00e9rieures \u00e0 0.95-4",
"product": {
"name": "Azure Linux",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 xorg-x11-server-Xwayland 24.1.12-1 versions ant\u00e9rieures \u00e0 24.1.13-1",
"product": {
"name": "Azure Linux",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 python-msgpack 1.0.5-2 versions ant\u00e9rieures \u00e0 1.0.5-3",
"product": {
"name": "Azure Linux",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 curl 8.11.1-9 versions ant\u00e9rieures \u00e0 8.11.1-10",
"product": {
"name": "Azure Linux",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 erlang 26.2.5.21-2 versions ant\u00e9rieures \u00e0 26.2.5.21-3",
"product": {
"name": "Azure Linux",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 openssh 9.8p1-8 versions ant\u00e9rieures \u00e0 9.8p1-9",
"product": {
"name": "Azure Linux",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 python-setuptools 69.0.3-5 versions ant\u00e9rieures \u00e0 69.0.3-6",
"product": {
"name": "Azure Linux",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 nodejs 24.17.0-1 versions ant\u00e9rieures \u00e0 24.17.0-2",
"product": {
"name": "Azure Linux",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 vim 9.2.0735-1 versions ant\u00e9rieures \u00e0 9.2.0782-1",
"product": {
"name": "Azure Linux",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 keras 3.3.3-7 versions ant\u00e9rieures \u00e0 3.3.3-8",
"product": {
"name": "Azure Linux",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 perl-DBI 1.643-5 versions ant\u00e9rieures \u00e0 1.650-1",
"product": {
"name": "Azure Linux",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-14380",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-14380"
},
{
"name": "CVE-2026-14461",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-14461"
},
{
"name": "CVE-2026-59996",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-59996"
},
{
"name": "CVE-2026-59995",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-59995"
},
{
"name": "CVE-2026-59999",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-59999"
},
{
"name": "CVE-2026-20216",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20216"
},
{
"name": "CVE-2026-58013",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-58013"
},
{
"name": "CVE-2026-8926",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8926"
},
{
"name": "CVE-2026-20243",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20243"
},
{
"name": "CVE-2026-8458",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8458"
},
{
"name": "CVE-2026-14739",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-14739"
},
{
"name": "CVE-2026-58015",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-58015"
},
{
"name": "CVE-2026-56000",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-56000"
},
{
"name": "CVE-2026-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-58014"
},
{
"name": "CVE-2026-20215",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20215"
},
{
"name": "CVE-2026-58012",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-58012"
},
{
"name": "CVE-2026-59890",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-59890"
},
{
"name": "CVE-2026-10536",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-10536"
},
{
"name": "CVE-2026-20213",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20213"
},
{
"name": "CVE-2026-8932",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8932"
},
{
"name": "CVE-2026-11525",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-11525"
},
{
"name": "CVE-2026-59997",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-59997"
},
{
"name": "CVE-2026-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-58010"
},
{
"name": "CVE-2026-12064",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-12064"
},
{
"name": "CVE-2026-12480",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-12480"
},
{
"name": "CVE-2026-20214",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20214"
},
{
"name": "CVE-2026-60002",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-60002"
},
{
"name": "CVE-2026-9079",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9079"
},
{
"name": "CVE-2026-56003",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-56003"
},
{
"name": "CVE-2026-59856",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-59856"
},
{
"name": "CVE-2026-20217",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20217"
},
{
"name": "CVE-2026-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-58011"
},
{
"name": "CVE-2026-58016",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-58016"
},
{
"name": "CVE-2026-60001",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-60001"
},
{
"name": "CVE-2026-14740",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-14740"
},
{
"name": "CVE-2026-20244",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20244"
},
{
"name": "CVE-2026-57585",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-57585"
},
{
"name": "CVE-2026-8927",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8927"
},
{
"name": "CVE-2026-60000",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-60000"
},
{
"name": "CVE-2026-54908",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-54908"
},
{
"name": "CVE-2026-56002",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-56002"
},
{
"name": "CVE-2026-54886",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-54886"
},
{
"name": "CVE-2026-56001",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-56001"
},
{
"name": "CVE-2026-8286",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8286"
}
],
"initial_release_date": "2026-07-15T00:00:00",
"last_revision_date": "2026-07-15T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0873",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-07-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Azure Linux. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Azure Linux",
"vendor_advisories": [
{
"published_at": "2026-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-58013",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58013"
},
{
"published_at": "2026-07-04",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-9079",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-9079"
},
{
"published_at": "2026-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-56001",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-56001"
},
{
"published_at": "2026-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-20243",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20243"
},
{
"published_at": "2026-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-60001",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-60001"
},
{
"published_at": "2026-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-20214",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20214"
},
{
"published_at": "2026-07-04",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-8927",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8927"
},
{
"published_at": "2026-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-20216",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20216"
},
{
"published_at": "2026-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-54908",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-54908"
},
{
"published_at": "2026-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-58011",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58011"
},
{
"published_at": "2026-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-58012",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58012"
},
{
"published_at": "2026-07-04",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-8926",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8926"
},
{
"published_at": "2026-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-59997",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-59997"
},
{
"published_at": "2026-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-56002",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-56002"
},
{
"published_at": "2026-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-60002",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-60002"
},
{
"published_at": "2026-07-04",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-8932",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8932"
},
{
"published_at": "2026-07-03",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-57585",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57585"
},
{
"published_at": "2026-07-04",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-12064",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12064"
},
{
"published_at": "2026-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-20215",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20215"
},
{
"published_at": "2026-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-56000",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-56000"
},
{
"published_at": "2026-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-56003",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-56003"
},
{
"published_at": "2026-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-14380",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14380"
},
{
"published_at": "2026-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-58014",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58014"
},
{
"published_at": "2026-07-04",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-8286",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8286"
},
{
"published_at": "2026-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-58015",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58015"
},
{
"published_at": "2026-07-04",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-8458",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8458"
},
{
"published_at": "2026-06-27",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-11525",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11525"
},
{
"published_at": "2026-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-59996",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-59996"
},
{
"published_at": "2026-07-04",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-10536",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10536"
},
{
"published_at": "2026-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-20213",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20213"
},
{
"published_at": "2026-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-59999",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-59999"
},
{
"published_at": "2026-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-59995",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-59995"
},
{
"published_at": "2026-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-20244",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20244"
},
{
"published_at": "2026-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-14740",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14740"
},
{
"published_at": "2026-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-14461",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14461"
},
{
"published_at": "2026-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-58016",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58016"
},
{
"published_at": "2026-07-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-12480",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12480"
},
{
"published_at": "2026-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-58010",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58010"
},
{
"published_at": "2026-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-59856",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-59856"
},
{
"published_at": "2026-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-60000",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-60000"
},
{
"published_at": "2026-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-14739",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14739"
},
{
"published_at": "2026-07-07",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-54886",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-54886"
},
{
"published_at": "2026-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-59890",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-59890"
},
{
"published_at": "2026-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft Azure Linux CVE-2026-20217",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20217"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…