CNNVD-202511-2208 Information
CNNVD ID
CNNVD-202511-2208
Related CVE
- CNNVD Published: 2025-11-19
Description (Chinese)
Google Cloud Looker是美国谷歌(Google)公司的一种在线工具,用于将数据转换为可定制的信息丰富的报告和仪表板。 Google Cloud Looker存在安全漏洞,该漏洞源于schemas参数容易受到SQL注入攻击,可能导致开发者权限用户从Looker内部MySQL数据库提取数据。
Description (English)
Google Cloud Loker is an online tool for translating data into customized information-rich reporting and dashboards by Google. Google Cloud Loker has a security loophole, which stems from the fact that the schemas parameters are vulnerable to SQL injections, which may lead developers to extract data from the MySQL database inside Loker.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
谷歌
Published
2025-11-19
Last Modified
2026-02-24
References
https://cloud.google.com/support/bulletins#gcp-2025-052 https://www.tenable.com/security/research/tra-2025-43 https://access.redhat.com/security/cve/cve-2025-12743
Patch
https://cloud.google.com/support/bulletins#gcp-2025-052
Share on: