Security News > 2025 > April > Google Fixed Cloud Run Vulnerability Allowing Unauthorized Image Access via IAM Misuse

2025-04-02 13:48
Cybersecurity researchers have disclosed details of a now-patched privilege escalation vulnerability in Google Cloud Platform (GCP) Cloud Run that could have allowed a malicious actor to access container images and even inject malicious code. "The vulnerability could have allowed such an identity to abuse its Google Cloud Run revision edit permissions in order to pull private Google Artifact
News URL
https://thehackernews.com/2025/04/google-fixed-cloud-run-vulnerability.html
Related news
- Google Acquires Wiz for $32 Billion in Its Biggest Deal Ever to Boost Cloud Security (source)
- Google to purchase Wiz for $32 billion in cloud security play (source)
- Google Patches Quick Share Vulnerability Enabling Silent File Transfers Without Consent (source)
- Google's got a hot cloud infosec startup, a new unified platform — and its eye on Microsoft's $20B+ security biz (source)