VDB
GCVE-110-CLOUD-2024-0026
GCVE-110-CLOUD-2024-0026
Advisory Published
A privilege escalation vulnerability dubbed "ConfusedFunction" was discovered in Google Cloud Platform's Cloud Functions service. It allows attackers to escalate privileges from Cloud Function permissions to the default Cloud Build service account during function deployment. The vulnerability affects both first and second-generation Cloud Functions.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| GCP | Cloud Functions | — | — |
| GCP | Cloud Services | — | — |
| GCP | Cloud Build | — | — |
| GCP | Cloud Functions, Cloud Build | — | — |
Browse GCVE Records
73,734 records in the GCVE database · Updated July 18, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.