Security News > 2025 > April > Google Fixed Cloud Run Vulnerability Allowing Unauthorized Image Access via IAM Misuse

2025-04-02 13:48
Cybersecurity researchers have disclosed details of a now-patched privilege escalation vulnerability in Google Cloud Platform (GCP) Cloud Run that could have allowed a malicious actor to access container images and even inject malicious code. "The vulnerability could have allowed such an identity to abuse its Google Cloud Run revision edit permissions in order to pull private Google Artifact
News URL
https://thehackernews.com/2025/04/google-fixed-cloud-run-vulnerability.html
Related news
- Google Announces Quantum-Safe Digital Signatures in Cloud KMS, Takes “Post-Quantum Computing Risks Seriously” (source)
- Google Cloud introduces quantum-safe digital signatures in KMS (source)
- Google Cloud KMS Adds Quantum-Safe Digital Signatures to Defend Against Future Threats (source)
- Google Acquires Wiz for $32 Billion in Its Biggest Deal Ever to Boost Cloud Security (source)
- Google to purchase Wiz for $32 billion in cloud security play (source)
- Google Patches Quick Share Vulnerability Enabling Silent File Transfers Without Consent (source)