Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Google Fixes Critical Composer RCE Flaw

September 17, 2024
Reading Time: 2 mins read
in Alerts
Google Fixes Critical Composer RCE Flaw

Google has addressed a critical security flaw in its Cloud Platform (GCP) Composer that could have been exploited to achieve remote code execution through a dependency confusion attack. The vulnerability, dubbed CloudImposer by Tenable Research, involved GCP Composer’s default configuration, which allowed for the possibility of installing malicious software dependencies from public repositories like PyPI. The flaw could have been abused to replace legitimate internal packages with counterfeit ones, potentially giving attackers the ability to run malicious code on cloud servers.

Dependency confusion, also known as a substitution attack, occurs when a package manager is tricked into downloading a malicious package from a public repository instead of the intended one from a private repository. In this case, attackers could have uploaded a malicious package named “google-cloud-datacatalog-lineage-producer-client” to PyPI, which could then be pre-installed on GCP Composer instances with elevated permissions. Once installed, the rogue package could have allowed attackers to execute arbitrary code, exfiltrate sensitive service account credentials, and move laterally within the victim’s environment to compromise other GCP services.

The vulnerability was disclosed by Tenable to Google in January 2024, and by May 2024, Google had rolled out a fix. To address the issue, Google ensured that the affected package is only installed from a private repository. Additionally, it added safeguards like verifying the package’s checksum to confirm its integrity and prevent tampering. The Python Packaging Authority (PyPA) had been aware of the risks posed by the –extra-index-url argument, used during package installations, since 2018 but had not changed its package metadata behavior. Google’s fix now advises developers to use the –index-url argument, which limits package searches to specific repositories, thereby reducing the risk of dependency confusion.

With this patch, Google also recommends that GCP customers leverage Artifact Registry virtual repositories when working with multiple repositories. These changes aim to bolster the security of GCP Composer, ensuring that the platform’s dependency management process is more robust against supply chain attacks, a growing concern in cloud security.

Reference:
  • Google Patches Critical Cloud Platform Flaw Enabling Remote Code Execution
Tags: CloudCyber AlertsCyber Alerts 2024Cyber threatsGCPGooglePyPISeptember 2024TenableVulnerability
ADVERTISEMENT

Related Posts

New Godfather Trojan Hijacks Banking Apps

Winos 4.0 Malware Hits Taiwan Via Tax Phish

June 20, 2025
New Godfather Trojan Hijacks Banking Apps

New Godfather Trojan Hijacks Banking Apps

June 20, 2025
New Godfather Trojan Hijacks Banking Apps

New Amatera Stealer Delivered By ClearFake

June 20, 2025
Fake Invoices Deliver Sorillus RAT In Europe

Fake Minecraft Mods On GitHub Spread Malware

June 19, 2025
Russian Phishing Scam Bypasses Google 2FA

Russian Phishing Scam Bypasses Google 2FA

June 19, 2025
Fake Invoices Deliver Sorillus RAT In Europe

Fake Invoices Deliver Sorillus RAT In Europe

June 19, 2025

Latest Alerts

Winos 4.0 Malware Hits Taiwan Via Tax Phish

New Amatera Stealer Delivered By ClearFake

New Godfather Trojan Hijacks Banking Apps

Fake Minecraft Mods On GitHub Spread Malware

Fake Invoices Deliver Sorillus RAT In Europe

Russian Phishing Scam Bypasses Google 2FA

Subscribe to our newsletter

    Latest Incidents

    Massive Leak Exposes 16 Billion Credentials

    Tonga Health System Down After Ransomware

    Chinese Spies Target Satellite Giant Viasat

    German Dealer Leymann Hacked Closes Stores

    Hacker Mints $27M From Meta Pool Gets 132K

    UBS and Pictet Hit By Vendor Data Breach

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial