Cybersecurity analysts have outlined a recently resolved flaw in Google Cloud Platform (GCP) that might have allowed an assailant to enhance their permissions in the Cloud Composer workflow orchestration system that relies on Apache Airflow.
“This flaw permits individuals with editing rights in Cloud Composer to amplify their access to the standard Cloud Build service account, which