VDB
GCVE-110-CLOUD-2023-0063
GCVE-110-CLOUD-2023-0063
Advisory Published
A vulnerability in Vertex AI Workbench allowed attackers to take over victims' Google Cloud projects through client-side SSRF.
The initial bug involved unauthorized access to authentication tokens, which was later fixed.
A bypass was later discovered (and also fixed) using open redirects in Feedburner and CSRF token manipulation.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| GCP | Vertex AI | — | — |
| GCP | Vertex AI Workbench | — | — |
| GCP | Cloud Services | — | — |
Browse GCVE Records
72,580 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.