Sreeram Kl

**Name of the Vulnerable Software and Affected Versions** Dialogflow CX on Google Cloud Platform (affected versions not specified) **Description** A missing authorization issue in the playbook import functionality allows an authenticated user with specific roles to escalate privileges. By using a maliciously crafted playbook import, an attacker could potentially take over a GCP project. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Looker versions prior to 24.12.108 Looker versions prior to 24.18.200 Looker versions prior to 25.0.78 Looker versions prior to 25.6.65 Looker versions prior to 25.8.47 Looker versions prior to 25.12.10 Looker versions prior to 25.14 **Description** A Looker user with a Developer role could potentially cause Looker to execute a malicious command. This is due to insecure processing of Teradata driver parameters. Both Looker-hosted and Self-hosted instances were found to be affected. The issue has been mitigated for Looker-hosted instances, requiring no user action. The issue involves the processing of parameters within the Teradata driver, potentially allowing for command execution. **Recommendations** Upgrade to Looker version 24.12.108 or later. Upgrade to Looker version 24.18.200 or later. Upgrade to Looker version 25.0.78 or later. Upgrade to Looker version 25.6.65 or later. Upgrade to Looker version 25.8.47 or later. Upgrade to Looker version 25.12.10 or later. Upgrade to Looker version 25.14 or later.

**Name of the Vulnerable Software and Affected Versions** Looker versions prior to 24.18.201 Looker versions prior to 25.0.79 Looker versions prior to 25.6.66 Looker versions prior to 25.12.7 Looker versions prior to 25.16.0 Looker versions prior to 25.18.0 Looker versions prior to 25.20.0 **Description** An attacker with viewer permissions in Looker could create a malicious URL. When opened by a Looker administrator, this URL would execute an attacker-supplied script. Exploitation requires at least one Looker extension to be installed. This issue affects both Looker-hosted and self-hosted instances. The issue has been mitigated for Looker-hosted instances, requiring no user action. **Recommendations** Upgrade self-hosted instances to version 24.18.201 or later. Upgrade self-hosted instances to version 25.0.79 or later. Upgrade self-hosted instances to version 25.6.66 or later. Upgrade self-hosted instances to version 25.12.7 or later. Upgrade self-hosted instances to version 25.16.0 or later. Upgrade self-hosted instances to version 25.18.0 or later. Upgrade self-hosted instances to version 25.20.0 or later.

**Name of the Vulnerable Software and Affected Versions** Looker versions prior to 24.12.100 Looker versions prior to 24.18.193 Looker versions prior to 25.0.69 Looker versions prior to 25.6.57 Looker versions prior to 25.8.39 Looker versions prior to 25.10.22 Looker versions prior to 25.12.0 **Description** An attacker could potentially take over a Looker account in instances configured with OIDC authentication. This is due to an issue with email address string normalization, specifically a punycode homograph attack. The issue affects both Looker-hosted and self-hosted instances. The vulnerability has been mitigated for Looker-hosted instances. **Recommendations** Upgrade self-hosted instances to version 24.12.100 or later. Upgrade self-hosted instances to version 24.18.193 or later. Upgrade self-hosted instances to version 25.0.69 or later. Upgrade self-hosted instances to version 25.6.57 or later. Upgrade self-hosted instances to version 25.8.39 or later. Upgrade self-hosted instances to version 25.10.22 or later. Upgrade self-hosted instances to version 25.12.0 or later.