Azure DevOps Featured Security state of the Azure DevOps Marketplace This report focusses on the Azure Pipelines extensions in the Marketplace. At the time of compiling the report there are 1460 extensions in the "Azure Pipelines" category. More than 500 have one or more vulnerabilities or vulnerable dependencies.
Azure DevOps Featured Azure DevOps 2020 and 2019 (and 2018) patch for log4j vulnerability Azure DevOps can be configured with advanced Code Search. That feature relies on Elastic Search. Depending on the age of your server, JVM version and Elastic Search version this may result in your setup being vulnerable to CVE-2021-44228.
Visual Studio 2022 Adding Visual Studio 2022 to Azure DevOps Server 2020 Visual Studio 2022 is out! But Azure DevOps Server hasn't had a release to support it yet. This means that in Azure Pipelines it won't detect your freshly installed copy of Visual Studio 2022.
