{"data":{"id":"81cece74-5b71-4012-aaf0-f427e563105f","title":"Google Cloud Vertex AI - Data Exfiltration Vulnerability Fixed in Generative AI Studio","summary":"Google Cloud's Vertex AI Generative AI Studio had a data exfiltration vulnerability caused by image markdown injection (a technique where attackers embed hidden commands in image references to steal data). The vulnerability was responsibly disclosed to Google and has been fixed.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://embracethered.com/blog/posts/2023/google-gcp-generative-ai-studio-data-exfiltration-fixed/","publishedAt":"2023-10-19T13:35:37.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"medium","attackType":["data_extraction"],"issueType":"news","affectedPackages":null,"affectedVendors":["Google"],"affectedVendorsRaw":["Google Cloud","Vertex AI","Generative AI Studio"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}