A now-patched critical security flaw impacting Google Cloud Platform (GCP) Composer could have been exploited to achieve remote code execution on cloud servers by means of a supply chain attack technique called dependency confusion.
The vulnerability has been codenamed CloudImposer by Tenable Research.
"The vulnerability could have allowed an attacker to hijack an internal software dependency



Source: TheHackerNews
Source Link: https://thehackernews.com/2024/09/google-fixes-gcp-composer-flaw-that.html