Google Fixes Critical Privilege Escalation Vulnerability in Cloud Run

Cybersecurity researchers have disclosed details about a privilege escalation vulnerability in Google Cloud Platform (GCP) Cloud Run, which has now been fixed. This vulnerability could have allowed a malicious actor to access container images and even inject malicious code. The flaw would have enabled an identity to misuse its Google Cloud Run revision editing permissions to extract private images from Google Artifact Registry. This could have allowed an attacker to access sensitive information and compromise development environments.