Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 6:51 a.m.6 views

CVE-2024-12236

A security issue exists in Vertex Gemini API for customers using VPC-SC. By utilizing a custom crafted file URI for image input, data exfiltration is possible due to requests being routed outside the VPC-SC security perimeter, circumventing the intended security restrictions of VPC-SC. No further...

6.8CVSS6.9AI score0.00081EPSS
Exploits0References1
CVE
CVE
added 2024/12/10 3:7 p.m.75 views

CVE-2024-12236

Vertex Gemini API leaks data if a crafted fileUri for image input is used with VPC Service Controls, potentially bypassing the VPC-SC perimeter. Google Cloud fixed this by returning an error when a media file URL is specified in the fileUri parameter with VPC-SC enabled; other cases are unaffecte...

6.8CVSS6.9AI score0.00081EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/12/10 3:7 p.m.9 views

CVE-2024-12236 Use of Custom URI for media inputs with VPC-SC enabled potentially leads to data exfiltration

A security issue exists in Vertex Gemini API for customers using VPC-SC. By utilizing a custom crafted file URI for image input, data exfiltration is possible due to requests being routed outside the VPC-SC security perimeter, circumventing the intended security restrictions of VPC-SC. No further...

6.8CVSS0.00081EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/10 12:0 a.m.5 views

PT-2024-17503 · Google · Vertex Gemini Api

Name of the Vulnerable Software and Affected Versions: Vertex Gemini API affected versions not specified Description: A security issue exists in the Vertex Gemini API for customers using VPC-SC. By utilizing a custom crafted file URI for image input, data exfiltration is possible due to requests...

6.8CVSS6.2AI score0.00081EPSS
Exploits0References7
Rows per page
Query Builder