Dependency Confusion Could Have Led to RCE in Google Cloud Platform
September 17, 2024 at 09:15AM Tenable revealed details of the CloudImposer attack method, which could have led to remote code execution on Google Cloud Platform (GCP). The attack exploited a Python argument to carry out a dependency confusion attack. After reporting the vulnerability, Google promptly patched the RCE bug and updated its documentation to mitigate … Read more