VDB

GCVE-110-CLOUD-2019-0004

GCVE-110-CLOUD-2019-0004
Advisory Published
Vulnetix · Advisory published November 29, 2019
A vulnerability was discovered in Google Cloud Platform's AI Hub service, allowing unrestricted file uploads. This could potentially lead to bypassing Same-Origin Policy by uploading SWF files, enabling CSRF attacks across browsers, and exploiting CVE-2014-8453 on IE with Adobe Reader installed. The issue resulted in a $1337 bounty reward.

Affected Products

VendorProductVersionsPlatforms
GCPAI Hub
GCPCloud Services

References

advisory

Browse GCVE Records

73,161 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›