VDB

GCVE-110-CLOUD-2020-0020

GCVE-110-CLOUD-2020-0020
Advisory Published
Vulnetix · Advisory published August 18, 2020
Three vulnerabilities in Google Cloud Shell were discovered, allowing attackers to execute arbitrary code and potentially steal user credentials. The bugs affected Ruby gemspec parsing, TypeScript plugin loading, and Go binary path manipulation in Cloud Run. These issues arose from mismatches between Cloud Shell's threat model and the assumptions of its underlying open-source components.

Affected Products

VendorProductVersionsPlatforms
GCPCloud Shell, Cloud Run
GCPCloud Run
GCPCloud Services

Browse GCVE Records

72,664 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›