CVE-2025-12743 SQL Injection in Looker Project Generation Endpoint Allows Access to Internal MySQL Database

🗓️ 19 Nov 2025 16:41:30Reported by GoogleCloudType

CVE-2025-12743 SQL injection in Looker project generation endpoint allows access to internal MySQL database.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2025-12743	19 Nov 202518:09	–	circl
CNNVD	Google Cloud Looker 安全漏洞	19 Nov 202500:00	–	cnnvd
CVE	CVE-2025-12743	19 Nov 202516:41	–	cve
EUVD	EUVD-2025-198206	19 Nov 202516:41	–	euvd
NVD	CVE-2025-12743	19 Nov 202517:15	–	nvd
Positive Technologies	PT-2025-47476	19 Nov 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-12743	26 Nov 202516:56	–	redhatcve
The Hacker News	ThreatsDay Bulletin: AI Prompt RCE, Claude 0-Click, RenEngine Loader, Auto 0-Days & 25+ Stories	12 Feb 202611:51	–	thn
Vulnrichment	CVE-2025-12743 SQL Injection in Looker Project Generation Endpoint Allows Access to Internal MySQL Database	19 Nov 202516:41	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Looker-hosted"
    ],
    "product": "Looker",
    "vendor": "Google Cloud",
    "versions": [
      {
        "lessThan": "24.12.106",
        "status": "affected",
        "version": "0",
        "versionType": "date"
      },
      {
        "lessThan": "24.18.198",
        "status": "affected",
        "version": "0",
        "versionType": "date"
      },
      {
        "lessThan": "25.0.75",
        "status": "affected",
        "version": "0",
        "versionType": "date"
      },
      {
        "lessThan": "25.6.63",
        "status": "affected",
        "version": "0",
        "versionType": "date"
      },
      {
        "lessThan": "25.8.45",
        "status": "affected",
        "version": "0",
        "versionType": "date"
      },
      {
        "lessThan": "25.10.33",
        "status": "affected",
        "version": "0",
        "versionType": "date"
      },
      {
        "lessThan": "25.12.1",
        "status": "affected",
        "version": "0",
        "versionType": "date"
      },
      {
        "lessThan": "25.14",
        "status": "affected",
        "version": "0",
        "versionType": "date"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Self-hosted"
    ],
    "product": "Looker",
    "vendor": "Google Cloud",
    "versions": [
      {
        "lessThan": "24.12.106",
        "status": "affected",
        "version": "0",
        "versionType": "date"
      },
      {
        "lessThan": "24.18.198",
        "status": "affected",
        "version": "0",
        "versionType": "date"
      },
      {
        "lessThan": "25.0.75",
        "status": "affected",
        "version": "0",
        "versionType": "date"
      },
      {
        "lessThan": "25.6.63",
        "status": "affected",
        "version": "0",
        "versionType": "date"
      },
      {
        "lessThan": "25.8.45",
        "status": "affected",
        "version": "0",
        "versionType": "date"
      },
      {
        "lessThan": "25.10.33",
        "status": "affected",
        "version": "0",
        "versionType": "date"
      },
      {
        "lessThan": "25.12.1",
        "status": "affected",
        "version": "0",
        "versionType": "date"
      },
      {
        "lessThan": "25.14",
        "status": "affected",
        "version": "0",
        "versionType": "date"
      }
    ]
  }
]

Source	Link
cloud	www.cloud.google.com/support/bulletins
tenable	www.tenable.com/security/research/tra-2025-43

19 Nov 2025 16:41Current

CVSS 46

EPSS0.0024

CWE-89