VDB

GCVE-110-CLOUD-2024-0015

GCVE-110-CLOUD-2024-0015
Advisory Published
Vulnetix · Advisory published September 26, 2024
Multiple "pwn request" vulnerabilities were discovered in Google Cloud Data Fusion, which is based on open-source CDAP code. These vulnerabilities affect GitHub Actions and allow for remote code execution (RCE) and compromise of build artifacts. The issues potentially impact both the Google Cloud platform and GitHub's CI/CD infrastructure.

Affected Products

VendorProductVersionsPlatforms
GitHubCloud Data Fusion
GCPCloud Data Fusion
GCPCloud Services

Browse GCVE Records

73,040 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›