NServiceBus.AzureFunctions.Worker.ServiceBus 4.2.3 and 3.1.2 – Patch releases available

Hi everyone,

We’ve just released NServiceBus.AzureFunctions.Worker.ServiceBus 4.2.3 and 3.1.2.

Fixed bugs

  • #449 Remote Code Execution Vulnerability in dependency of NServiceBus.AzureFunctions.Worker.ServiceBus

How to know if you are affected

Anyone using the NServiceBus.AzureFunctions.Worker.ServiceBus package without explicitly updating transitive dependencies is affected.


A vulnerable release of Azure.Identity is included in the .azurefunctions subdirectory of the build output.

When to upgrade

You should upgrade during your next maintenance window. However, this update is not required if top-level dependency is taken on Microsoft.Azure.Functions.Worker.Extensions.ServiceBus version 5.15.0 or later.

Where to get it

You can install the new versions of NServiceBus.AzureFunctions.Worker.ServiceBus from NuGet.

With thanks,
The team in Particular

Please read our release policy for more details.