GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages,
Cybersecurity researchers have detailed a now-patched vulnerability in Google Cloud Platform (GCP) that could have enabled an attacker to elevate their privileges in the Cloud Composer workflow orchestration service that’s based on Apache Airflow.
« This vulnerability lets attackers with edit permissions in Cloud Composer to escalate their access to the default Cloud Build service account, which
« This vulnerability lets attackers with edit permissions in Cloud Composer to escalate their access to the default Cloud Build service account, which
,
Cybersecurity researchers have detailed a now-patched vulnerability in Google Cloud Platform (GCP) that could have enabled an attacker to elevate their privileges in the Cloud Composer workflow orchestration service that’s based on Apache Airflow.
« This vulnerability lets attackers with edit permissions in Cloud Composer to escalate their access to the default Cloud Build service account, which
« This vulnerability lets attackers with edit permissions in Cloud Composer to escalate their access to the default Cloud Build service account, which
, ,
https://thehackernews.com/2025/04/gcp-cloud-composer-bug-let-attackers.html