An unpatched vulnerability in Microsoft Azure Functions could be used by an attacker to escalate privileges and escape the Docker container used for hosting them. The findings come as part of Intezer Lab’s investigations into the Azure compute infrastructure. Microsoft has determined that the vulnerability has no security impact on Function users, researchers say. Azure Functions are serverless solutions that allow users to run event-triggered code without having to provision or manage infrastructure explicitly while simultaneously making it possible to scale and allocate compute and resources based on demand.
Source: https://thehackernews.com/2021/01/new-docker-container-escape-bug-affects.html