Refine your search
16 vulnerabilities found for Looker by Google Cloud
CVE-2025-12742 (GCVE-0-2025-12742)
Vulnerability from nvd
Published
2025-11-25 05:38
Modified
2025-11-25 14:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
A Looker user with a Developer role could cause Looker to execute a malicious command, due to insecure processing of Teradata driver parameters.
Looker-hosted and Self-hosted were found to be vulnerable.
This issue has already been mitigated for Looker-hosted instances. No user action is required for these.
Self-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.
The versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :
* 24.12.108+
* 24.18.200+
* 25.0.78+
* 25.6.65+
* 25.8.47+
* 25.12.10+
* 25.14+
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Google Cloud | Looker |
Version: 0 < 24.12.108 Version: 0 < 24.18.200 Version: 0 < 25.0.78 Version: 0 < 25.6.65 Version: 0 < 25.8.47 Version: 0 < 25.12.10 Version: 0 < 25.14 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12742",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-25T14:38:27.546926Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-25T14:39:05.212Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Looker-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.12.108",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "24.18.200",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.0.78",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.6.65",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.8.47",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.12.10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Self-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.12.108",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "24.18.200",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.0.78",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.6.65",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.8.47",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.12.10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sivanesh Ashok"
},
{
"lang": "en",
"type": "finder",
"value": "Sreeram KL"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Looker user with a Developer role could cause Looker to execute a malicious command, due to insecure processing of Teradata driver parameters.\u003cbr\u003e\u003cbr\u003eLooker-hosted and Self-hosted were found to be vulnerable.\u003cbr\u003eThis issue has already been mitigated for Looker-hosted instances.\u0026nbsp;No user action is required for these.\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eSelf-hosted instances must be upgraded \u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eas soon as possible\u003c/span\u003e. This vulnerability has been patched in all supported versions of Self-hosted.\u003c/span\u003e\u003cbr\u003e\u003cdiv\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://download.looker.com/\"\u003ehttps://download.looker.com/\u003c/a\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e:\u003cbr\u003e\u003cul\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e24.12.108+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e24.18.200+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.0.78+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.6.65+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.8.47+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.12.10+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.14+\u003c/span\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/span\u003e\u003c/div\u003e"
}
],
"value": "A Looker user with a Developer role could cause Looker to execute a malicious command, due to insecure processing of Teradata driver parameters.\n\nLooker-hosted and Self-hosted were found to be vulnerable.\nThis issue has already been mitigated for Looker-hosted instances.\u00a0No user action is required for these.\n\n\nSelf-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.\nThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :\n * 24.12.108+\n * 24.18.200+\n * 25.0.78+\n * 25.6.65+\n * 25.8.47+\n * 25.12.10+\n * 25.14+"
}
],
"impacts": [
{
"capecId": "CAPEC-242",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-242 Code Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "RED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-25T05:38:47.907Z",
"orgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"shortName": "GoogleCloud"
},
"references": [
{
"url": "https://cloud.google.com/support/bulletins#gcp-2025-052"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Remote Code Execution in Looker via Teradata JDBC Driver",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"assignerShortName": "GoogleCloud",
"cveId": "CVE-2025-12742",
"datePublished": "2025-11-25T05:38:47.907Z",
"dateReserved": "2025-11-05T10:50:53.509Z",
"dateUpdated": "2025-11-25T14:39:05.212Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12741 (GCVE-0-2025-12741)
Vulnerability from nvd
Published
2025-11-24 11:35
Modified
2025-11-24 13:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation
Summary
A Looker user with Developer role could create a database connection using Denodo driver and, by manipulating LookML, cause Looker to execute a malicious command.
Looker-hosted and Self-hosted were found to be vulnerable.
This issue has already been mitigated for Looker-hosted instances. No user action is required for these.
Self-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.
The versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :
* 24.12.108+
* 24.18.200+
* 25.0.78+
* 25.6.65+
* 25.8.47+
* 25.12.10+
* 25.14+
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Google Cloud | Looker |
Version: 0 < 24.12.108 Version: 0 < 24.18.200 Version: 0 < 25.0.78 Version: 0 < 25.6.65 Version: 0 < 25.8.47 Version: 0 < 25.12.10 Version: 0 < 25.14 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12741",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-24T13:12:37.681736Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-24T13:13:17.641Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Looker-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.12.108",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "24.18.200",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.0.78",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.6.65",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.8.47",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.12.10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Self-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.12.108",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "24.18.200",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.0.78",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.6.65",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.8.47",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.12.10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "RyotaK of GMO Flatt Security Inc."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Looker user with Developer role could create a database connection using Denodo driver and, by manipulating LookML, cause Looker to execute a malicious command.\u003cbr\u003e\u003cbr\u003eLooker-hosted and Self-hosted were found to be vulnerable.\u003cbr\u003eThis issue has already been mitigated for Looker-hosted instances.\u0026nbsp;No user action is required for these.\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eSelf-hosted instances must be upgraded \u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eas soon as possible\u003c/span\u003e. This vulnerability has been patched in all supported versions of Self-hosted.\u003c/span\u003e\u003cbr\u003e\u003cdiv\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://download.looker.com/\"\u003ehttps://download.looker.com/\u003c/a\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e:\u003cbr\u003e\u003cul\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e24.12.108+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e24.18.200+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.0.78+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.6.65+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.8.47+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.12.10+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.14+\u003c/span\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/span\u003e\u003c/div\u003e"
}
],
"value": "A Looker user with Developer role could create a database connection using Denodo driver and, by manipulating LookML, cause Looker to execute a malicious command.\n\nLooker-hosted and Self-hosted were found to be vulnerable.\nThis issue has already been mitigated for Looker-hosted instances.\u00a0No user action is required for these.\n\n\nSelf-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.\nThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :\n * 24.12.108+\n * 24.18.200+\n * 25.0.78+\n * 25.6.65+\n * 25.8.47+\n * 25.12.10+\n * 25.14+"
}
],
"impacts": [
{
"capecId": "CAPEC-137",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-137 Parameter Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "RED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-24T11:35:33.730Z",
"orgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"shortName": "GoogleCloud"
},
"references": [
{
"url": "https://cloud.google.com/support/bulletins#gcp-2025-052"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Arbitrary File Write in Denodo dialect of Looker allows Remote Code Execution",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"assignerShortName": "GoogleCloud",
"cveId": "CVE-2025-12741",
"datePublished": "2025-11-24T11:35:33.730Z",
"dateReserved": "2025-11-05T10:50:34.070Z",
"dateUpdated": "2025-11-24T13:13:17.641Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12740 (GCVE-0-2025-12740)
Vulnerability from nvd
Published
2025-11-24 11:30
Modified
2025-11-24 13:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation
Summary
A Looker user with a Developer role could create a database connection using IBM DB2 driver and, by manipulating LookML, cause Looker to execute a malicious command, due to inadequate filtering of the driver's parameters.
Looker-hosted and Self-hosted were found to be vulnerable.
This issue has already been mitigated for Looker-hosted instances. No user action is required for these.
Self-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.
The versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :
* 25.0.93+
* 25.6.84+
* 25.12.42+
* 25.14.50+
* 25.16.44+
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Google Cloud | Looker |
Version: 0 < 25.0.93 Version: 0 < 25.6.84 Version: 0 < 25.12.42 Version: 0 < 25.14.50 Version: 0 < 25.16.44 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12740",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-24T13:13:45.642405Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-24T13:14:36.770Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Looker-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "25.0.93",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.6.84",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.12.42",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.14.50",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.16.44",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Self-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "25.0.93",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.6.84",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.12.42",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.14.50",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.16.44",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "RyotaK of GMO Flatt Security Inc."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Looker user with a Developer role could create a database connection using IBM DB2 driver and, by manipulating LookML, cause Looker to execute a malicious command, due to inadequate filtering of the driver\u0027s parameters.\u003cbr\u003e\u003cbr\u003eLooker-hosted and Self-hosted were found to be vulnerable.\u003cbr\u003eThis issue has already been mitigated for Looker-hosted instances.\u0026nbsp;No user action is required for these.\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eSelf-hosted instances must be upgraded \u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eas soon as possible\u003c/span\u003e. This vulnerability has been patched in all supported versions of Self-hosted.\u003c/span\u003e\u003cbr\u003e\u003cdiv\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://download.looker.com/\"\u003ehttps://download.looker.com/\u003c/a\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e:\u003cbr\u003e\u003cul\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.0.93+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e25.6.84+\u003c/span\u003e\u003cbr\u003e\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.12.42+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.14.50+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.16.44+\u003c/span\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/span\u003e\u003c/div\u003e"
}
],
"value": "A Looker user with a Developer role could create a database connection using IBM DB2 driver and, by manipulating LookML, cause Looker to execute a malicious command, due to inadequate filtering of the driver\u0027s parameters.\n\nLooker-hosted and Self-hosted were found to be vulnerable.\nThis issue has already been mitigated for Looker-hosted instances.\u00a0No user action is required for these.\n\n\nSelf-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.\nThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :\n * 25.0.93+\n * 25.6.84+\n\n * 25.12.42+\n * 25.14.50+\n * 25.16.44+"
}
],
"impacts": [
{
"capecId": "CAPEC-242",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-242 Code Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "RED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-24T11:30:31.958Z",
"orgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"shortName": "GoogleCloud"
},
"references": [
{
"url": "https://cloud.google.com/support/bulletins#gcp-2025-052"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Remote Command Execution in Looker via IBM DB2 JDBC drive",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"assignerShortName": "GoogleCloud",
"cveId": "CVE-2025-12740",
"datePublished": "2025-11-24T11:30:31.958Z",
"dateReserved": "2025-11-05T10:44:47.390Z",
"dateUpdated": "2025-11-24T13:14:36.770Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12739 (GCVE-0-2025-12739)
Vulnerability from nvd
Published
2025-11-24 09:11
Modified
2025-11-24 13:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Summary
An attacker with viewer permissions in Looker could craft a malicious URL that, when opened by a Looker admin, would execute an attacker-supplied script. Exploitation required at least one Looker extension installed on the instance.
Looker-hosted and Self-hosted were found to be vulnerable.
This issue has already been mitigated for Looker-hosted instances. No user action is required for these.
Self-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.
The versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ : * 24.18.201+
* 25.0.79+
* 25.6.66+
* 25.12.7+
* 25.16.0+
* 25.18.0+
* 25.20.0+
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Google Cloud | Looker |
Version: 0 < 24.18.201 Version: 0 < 25.0.79 Version: 0 < 25.6.66 Version: 0 < 25.12.7 Version: 0 < 25.16.0 Version: 0 < 25.18.0 Version: 0 < 25.20.0 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12739",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-24T13:18:11.065484Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-24T13:43:54.837Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Looker-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.18.201",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.0.79",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.6.66",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.12.7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.16.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.18.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.20.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Self-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.18.201",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.0.79",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.6.66",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.12.7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.16.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.18.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.20.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sivanesh Ashok"
},
{
"lang": "en",
"type": "finder",
"value": "Sreeram KL"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An attacker with viewer permissions in Looker could craft a malicious URL that, when opened by a Looker admin, would execute an attacker-supplied script. Exploitation required at least one Looker extension installed on the instance.\u003cbr\u003e\u003cbr\u003eLooker-hosted and Self-hosted were found to be vulnerable.\u003cbr\u003eThis issue has already been mitigated for Looker-hosted instances.\u0026nbsp;No user action is required for these.\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eSelf-hosted instances must be upgraded \u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eas soon as possible\u003c/span\u003e. This vulnerability has been patched in all supported versions of Self-hosted.\u003c/span\u003e\u003cbr\u003e\u003cdiv\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://download.looker.com/\"\u003ehttps://download.looker.com/\u003c/a\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e:\u003c/span\u003e\u003cul\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e24.18.201+\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.0.79+\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.6.66+\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.12.7+\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.16.0+\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.18.0+\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.20.0+\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e"
}
],
"value": "An attacker with viewer permissions in Looker could craft a malicious URL that, when opened by a Looker admin, would execute an attacker-supplied script. Exploitation required at least one Looker extension installed on the instance.\n\nLooker-hosted and Self-hosted were found to be vulnerable.\nThis issue has already been mitigated for Looker-hosted instances.\u00a0No user action is required for these.\n\n\nSelf-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.\nThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ : * 24.18.201+\n * 25.0.79+\n * 25.6.66+\n * 25.12.7+\n * 25.16.0+\n * 25.18.0+\n * 25.20.0+"
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "RED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-24T09:11:38.396Z",
"orgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"shortName": "GoogleCloud"
},
"references": [
{
"url": "https://cloud.google.com/support/bulletins#gcp-2025-068"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Cross-Site Scripting (XSS) in Looker\u0027s Extension Loader leading to Admin Account Compromise",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"assignerShortName": "GoogleCloud",
"cveId": "CVE-2025-12739",
"datePublished": "2025-11-24T09:11:38.396Z",
"dateReserved": "2025-11-05T10:43:57.797Z",
"dateUpdated": "2025-11-24T13:43:54.837Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12414 (GCVE-0-2025-12414)
Vulnerability from nvd
Published
2025-11-20 10:32
Modified
2025-11-20 14:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-290 - Authentication Bypass by Spoofing
Summary
An attacker could take over a Looker account in a Looker instance configured with OIDC authentication, due to email address string normalization.Looker-hosted and Self-hosted were found to be vulnerable.
This issue has already been mitigated for Looker-hosted.
Self-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.
The versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :
* 24.12.100+
* 24.18.193+
* 25.0.69+
* 25.6.57+
* 25.8.39+
* 25.10.22+
* 25.12.0+
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Google Cloud | Looker |
Version: 0 < 24.12.100 Version: 0 < 24.18.193 Version: 0 < 25.0.69 Version: 0 < 25.6.57 Version: 0 < 25.8.39 Version: 0 < 25.10.22 Version: 0 < 25.12.0 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12414",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-20T14:36:28.073782Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T14:36:38.420Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Looker-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.12.100",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "24.18.193",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.0.69",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.6.57",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.8.39",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.10.22",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.12.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Self-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.12.100",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "24.18.193",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.0.69",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.6.57",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.8.39",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.10.22",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.12.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sivanesh Ashok"
},
{
"lang": "en",
"type": "finder",
"value": "Sreeram KL"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An attacker could take over a Looker account in a Looker instance configured with OIDC authentication, due to email address string normalization.\u003cdiv\u003e\u003cdiv\u003eLooker-hosted and Self-hosted were found to be vulnerable.\u003cbr\u003e\u003cbr\u003eThis issue has already been mitigated for Looker-hosted.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003eSelf-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.\u003cbr\u003eThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://download.looker.com/\"\u003ehttps://download.looker.com/\u003c/a\u003e:\u003cbr\u003e\u003cul\u003e\u003cli\u003e24.12.100+\u003c/li\u003e\u003cli\u003e24.18.193+\u003c/li\u003e\u003cli\u003e25.0.69+\u003c/li\u003e\u003cli\u003e25.6.57+\u003c/li\u003e\u003cli\u003e25.8.39+\u003c/li\u003e\u003cli\u003e25.10.22+\u003c/li\u003e\u003cli\u003e25.12.0+\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e\u003c/div\u003e"
}
],
"value": "An attacker could take over a Looker account in a Looker instance configured with OIDC authentication, due to email address string normalization.Looker-hosted and Self-hosted were found to be vulnerable.\n\nThis issue has already been mitigated for Looker-hosted.\n\n\nSelf-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.\nThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :\n * 24.12.100+\n * 24.18.193+\n * 25.0.69+\n * 25.6.57+\n * 25.8.39+\n * 25.10.22+\n * 25.12.0+"
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-290",
"description": "CWE-290 Authentication Bypass by Spoofing",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T10:32:52.463Z",
"orgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"shortName": "GoogleCloud"
},
"references": [
{
"url": "https://cloud.google.com/support/bulletins#GCP-2025-067"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Looker account compromise via punycode homograph attack",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"assignerShortName": "GoogleCloud",
"cveId": "CVE-2025-12414",
"datePublished": "2025-11-20T10:32:52.463Z",
"dateReserved": "2025-10-28T15:40:31.760Z",
"dateUpdated": "2025-11-20T14:36:38.420Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12743 (GCVE-0-2025-12743)
Vulnerability from nvd
Published
2025-11-19 16:41
Modified
2025-11-19 18:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Summary
The Looker endpoint for generating new projects from database connections allows users to specify "looker" as a connection name, which is a reserved internal name for Looker's internal MySQL database. The schemas parameter is vulnerable to SQL injection, enabling attackers to manipulate SELECT queries that are constructed and executed against the internal MySQL database. This vulnerability allows users with developer permissions to extract data from Looker's internal MySQL database.
Looker-hosted and Self-hosted were found to be vulnerable.
This issue has already been mitigated for Looker-hosted instances. No user action is required for these.
Self-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.
The versions below have all been updated to protect against this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :
* 24.12.106
* 24.18.198+
* 25.0.75
* 25.6.63+
* 25.8.45+
* 25.10.33+
* 25.12.1+
* 25.14+
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Google Cloud | Looker |
Version: 0 Version: 0 Version: 0 Version: 0 Version: 0 Version: 0 Version: 0 Version: 0 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12743",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-19T18:47:06.246892Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T18:47:37.355Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Looker-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.12.106",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "24.18.198",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.0.75",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.6.63",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.8.45",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.10.33",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.12.1",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.14",
"status": "affected",
"version": "0",
"versionType": "date"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Self-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.12.106",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "24.18.198",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.0.75",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.6.63",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.8.45",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.10.33",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.12.1",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.14",
"status": "affected",
"version": "0",
"versionType": "date"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Liv Matan from Tenable"
},
{
"lang": "en",
"type": "finder",
"value": "Tomas La\u017eauninkas"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The Looker endpoint for generating new projects from database connections allows users to specify \"looker\" as a connection name, which is a reserved internal name for Looker\u0027s internal MySQL database. The schemas parameter is vulnerable to SQL injection, enabling attackers to manipulate SELECT queries that are constructed and executed against the internal MySQL database. This vulnerability allows users with developer permissions to extract data from Looker\u0027s internal MySQL database.\u003cbr\u003e\u003cbr\u003eLooker-hosted and Self-hosted were found to be vulnerable.\u003cbr\u003eThis issue has already been mitigated for Looker-hosted instances.\u0026nbsp;No user action is required for these.\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eSelf-hosted instances must be upgraded \u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eas soon as possible\u003c/span\u003e. This vulnerability has been patched in all supported versions of Self-hosted.\u003c/span\u003e\u003cbr\u003e\u003cdiv\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eThe versions below have all been updated to protect against this vulnerability. You can download these versions at the Looker download page \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://download.looker.com/\"\u003ehttps://download.looker.com/\u003c/a\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e:\u003cbr\u003e\u003cul\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e24.12.106\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e24.18.198+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.0.75\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.6.63+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.8.45+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.10.33+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.12.1+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.14+\u003c/span\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/span\u003e\u003c/div\u003e"
}
],
"value": "The Looker endpoint for generating new projects from database connections allows users to specify \"looker\" as a connection name, which is a reserved internal name for Looker\u0027s internal MySQL database. The schemas parameter is vulnerable to SQL injection, enabling attackers to manipulate SELECT queries that are constructed and executed against the internal MySQL database. This vulnerability allows users with developer permissions to extract data from Looker\u0027s internal MySQL database.\n\nLooker-hosted and Self-hosted were found to be vulnerable.\nThis issue has already been mitigated for Looker-hosted instances.\u00a0No user action is required for these.\n\n\nSelf-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.\nThe versions below have all been updated to protect against this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :\n * 24.12.106\n * 24.18.198+\n * 25.0.75\n * 25.6.63+\n * 25.8.45+\n * 25.10.33+\n * 25.12.1+\n * 25.14+"
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "RED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T16:41:30.639Z",
"orgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"shortName": "GoogleCloud"
},
"references": [
{
"url": "https://cloud.google.com/support/bulletins#gcp-2025-052"
},
{
"url": "https://www.tenable.com/security/research/tra-2025-43"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "SQL Injection in Looker Project Generation Endpoint Allows Access to Internal MySQL Database",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"assignerShortName": "GoogleCloud",
"cveId": "CVE-2025-12743",
"datePublished": "2025-11-19T16:41:30.639Z",
"dateReserved": "2025-11-05T10:51:12.658Z",
"dateUpdated": "2025-11-19T18:47:37.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12472 (GCVE-0-2025-12472)
Vulnerability from nvd
Published
2025-11-19 10:27
Modified
2025-11-19 16:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Summary
An attacker with a Looker Developer role could manipulate a LookML project to exploit a race condition during Git directory deletion, leading to arbitrary command execution on the Looker instance.
Looker-hosted and Self-hosted were found to be vulnerable.
This issue has already been mitigated for Looker-hosted instances. No user action is required for these.
Self-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.
The versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :
* 24.12.103+
* 24.18.195+
* 25.0.72+
* 25.6.60+
* 25.8.42+
* 25.10.22+
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Google Cloud | Looker |
Version: 0 Version: 0 Version: 0 Version: 0 Version: 0 Version: 0 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12472",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-19T16:20:20.583208Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T16:24:04.479Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Looker-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.12.103",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "24.18.195",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.0.72",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.6.60",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.8.42",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.10.22",
"status": "affected",
"version": "0",
"versionType": "date"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Self-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.12.103",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "24.18.195",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.0.72",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.6.60",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.8.42",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.10.22",
"status": "affected",
"version": "0",
"versionType": "date"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "RyotaK of GMO Flatt Security Inc."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An attacker with a Looker Developer role could manipulate a LookML project to exploit a race condition during Git directory deletion, leading to arbitrary command execution on the Looker instance.\u003cbr\u003e\u003cbr\u003e\u003cdiv\u003e\u003c/div\u003eLooker-hosted and Self-hosted were found to be vulnerable.\u003cbr\u003eThis issue has already been mitigated for Looker-hosted instances.\u0026nbsp;No user action is required for these.\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eSelf-hosted instances must be upgraded \u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eas soon as possible\u003c/span\u003e. This vulnerability has been patched in all supported versions of Self-hosted.\u003c/span\u003e\u003cbr\u003e\u003cdiv\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://download.looker.com/\"\u003ehttps://download.looker.com/\u003c/a\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e:\u003c/span\u003e\u003cbr\u003e\u003cul\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e24.12.103+\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e24.18.195+\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.0.72+\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.6.60+\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.8.42+\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.10.22+\u003cbr\u003e\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e"
}
],
"value": "An attacker with a Looker Developer role could manipulate a LookML project to exploit a race condition during Git directory deletion, leading to arbitrary command execution on the Looker instance.\n\n\n\nLooker-hosted and Self-hosted were found to be vulnerable.\nThis issue has already been mitigated for Looker-hosted instances.\u00a0No user action is required for these.\n\n\nSelf-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.\nThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :\n * 24.12.103+\n * 24.18.195+\n * 25.0.72+\n * 25.6.60+\n * 25.8.42+\n * 25.10.22+"
}
],
"impacts": [
{
"capecId": "CAPEC-26",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-26 Leveraging Race Conditions"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "RED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T10:27:56.520Z",
"orgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"shortName": "GoogleCloud"
},
"references": [
{
"url": "https://cloud.google.com/support/bulletins#gcp-2025-052"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Remote Code Execution in Looker due to Improperly Validated Directory Deletion",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"assignerShortName": "GoogleCloud",
"cveId": "CVE-2025-12472",
"datePublished": "2025-11-19T10:27:56.520Z",
"dateReserved": "2025-10-29T15:56:30.205Z",
"dateUpdated": "2025-11-19T16:24:04.479Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12155 (GCVE-0-2025-12155)
Vulnerability from nvd
Published
2025-11-10 08:49
Modified
2025-11-10 15:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Summary
A Command Injection vulnerability, resulting from improper file path sanitization (Directory Traversal) in Looker allows an attacker with Developer permission to execute arbitrary shell commands when a user is deleted on the host system.
Looker-hosted and Self-hosted were found to be vulnerable.
This issue has already been mitigated for Looker-hosted instances. No user action is required for these.
Self-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.
The versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :
* 24.12.100+
* 24.18.192+
* 25.0.69+
* 25.6.57+
* 25.8.39+
* 25.10.22+
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Google Cloud | Looker |
Version: 0 Version: 0 Version: 0 Version: 0 Version: 0 Version: 0 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12155",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-10T15:17:21.647576Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-10T15:18:43.851Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Looker-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.12.100",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "24.18.192",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.0.69",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.6.57",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.8.39",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.10.22",
"status": "affected",
"version": "0",
"versionType": "date"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Self-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.12.100",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "24.18.192",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.0.69",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.6.57",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.8.39",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.10.22",
"status": "affected",
"version": "0",
"versionType": "date"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tomas La\u017eauninkas"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA Command Injection vulnerability, resulting from improper file path sanitization (Directory Traversal) in Looker allows an attacker with Developer permission to execute arbitrary shell commands when a user is deleted on the host system.\u003c/span\u003e\u003cbr\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eLooker-hosted and Self-hosted were found to be vulnerable.\u003cbr\u003eThis issue has already been mitigated for Looker-hosted\u0026nbsp;instances. No user action is required for these.\u003cbr\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eSelf-hosted instances must be upgraded \u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eas soon as possible\u003c/span\u003e. This vulnerability has been patched in all supported versions of Self-hosted.\u003c/span\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://download.looker.com/\"\u003ehttps://download.looker.com/\u003c/a\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e:\u003c/span\u003e\u003cbr\u003e\u003cul\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e24.12.100+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e24.18.192+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.0.69+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.6.57+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.8.39+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.10.22+\u003c/span\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/span\u003e"
}
],
"value": "A Command Injection vulnerability, resulting from improper file path sanitization (Directory Traversal) in Looker allows an attacker with Developer permission to execute arbitrary shell commands when a user is deleted on the host system.\n\nLooker-hosted and Self-hosted were found to be vulnerable.\nThis issue has already been mitigated for Looker-hosted\u00a0instances. No user action is required for these.\n\nSelf-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.\nThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :\n * 24.12.100+\n * 24.18.192+\n * 25.0.69+\n * 25.6.57+\n * 25.8.39+\n * 25.10.22+"
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126 Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "NOT_DEFINED",
"Safety": "PRESENT",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "RED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/S:P/AU:Y/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-10T08:49:45.811Z",
"orgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"shortName": "GoogleCloud"
},
"references": [
{
"url": "https://cloud.google.com/support/bulletins#gcp-2025-052"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Command Injection in Looker",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"assignerShortName": "GoogleCloud",
"cveId": "CVE-2025-12155",
"datePublished": "2025-11-10T08:49:45.811Z",
"dateReserved": "2025-10-24T13:07:55.182Z",
"dateUpdated": "2025-11-10T15:18:43.851Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12742 (GCVE-0-2025-12742)
Vulnerability from cvelistv5
Published
2025-11-25 05:38
Modified
2025-11-25 14:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
A Looker user with a Developer role could cause Looker to execute a malicious command, due to insecure processing of Teradata driver parameters.
Looker-hosted and Self-hosted were found to be vulnerable.
This issue has already been mitigated for Looker-hosted instances. No user action is required for these.
Self-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.
The versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :
* 24.12.108+
* 24.18.200+
* 25.0.78+
* 25.6.65+
* 25.8.47+
* 25.12.10+
* 25.14+
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Google Cloud | Looker |
Version: 0 < 24.12.108 Version: 0 < 24.18.200 Version: 0 < 25.0.78 Version: 0 < 25.6.65 Version: 0 < 25.8.47 Version: 0 < 25.12.10 Version: 0 < 25.14 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12742",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-25T14:38:27.546926Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-25T14:39:05.212Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Looker-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.12.108",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "24.18.200",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.0.78",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.6.65",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.8.47",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.12.10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Self-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.12.108",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "24.18.200",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.0.78",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.6.65",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.8.47",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.12.10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sivanesh Ashok"
},
{
"lang": "en",
"type": "finder",
"value": "Sreeram KL"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Looker user with a Developer role could cause Looker to execute a malicious command, due to insecure processing of Teradata driver parameters.\u003cbr\u003e\u003cbr\u003eLooker-hosted and Self-hosted were found to be vulnerable.\u003cbr\u003eThis issue has already been mitigated for Looker-hosted instances.\u0026nbsp;No user action is required for these.\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eSelf-hosted instances must be upgraded \u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eas soon as possible\u003c/span\u003e. This vulnerability has been patched in all supported versions of Self-hosted.\u003c/span\u003e\u003cbr\u003e\u003cdiv\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://download.looker.com/\"\u003ehttps://download.looker.com/\u003c/a\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e:\u003cbr\u003e\u003cul\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e24.12.108+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e24.18.200+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.0.78+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.6.65+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.8.47+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.12.10+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.14+\u003c/span\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/span\u003e\u003c/div\u003e"
}
],
"value": "A Looker user with a Developer role could cause Looker to execute a malicious command, due to insecure processing of Teradata driver parameters.\n\nLooker-hosted and Self-hosted were found to be vulnerable.\nThis issue has already been mitigated for Looker-hosted instances.\u00a0No user action is required for these.\n\n\nSelf-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.\nThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :\n * 24.12.108+\n * 24.18.200+\n * 25.0.78+\n * 25.6.65+\n * 25.8.47+\n * 25.12.10+\n * 25.14+"
}
],
"impacts": [
{
"capecId": "CAPEC-242",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-242 Code Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "RED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-25T05:38:47.907Z",
"orgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"shortName": "GoogleCloud"
},
"references": [
{
"url": "https://cloud.google.com/support/bulletins#gcp-2025-052"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Remote Code Execution in Looker via Teradata JDBC Driver",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"assignerShortName": "GoogleCloud",
"cveId": "CVE-2025-12742",
"datePublished": "2025-11-25T05:38:47.907Z",
"dateReserved": "2025-11-05T10:50:53.509Z",
"dateUpdated": "2025-11-25T14:39:05.212Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12741 (GCVE-0-2025-12741)
Vulnerability from cvelistv5
Published
2025-11-24 11:35
Modified
2025-11-24 13:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation
Summary
A Looker user with Developer role could create a database connection using Denodo driver and, by manipulating LookML, cause Looker to execute a malicious command.
Looker-hosted and Self-hosted were found to be vulnerable.
This issue has already been mitigated for Looker-hosted instances. No user action is required for these.
Self-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.
The versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :
* 24.12.108+
* 24.18.200+
* 25.0.78+
* 25.6.65+
* 25.8.47+
* 25.12.10+
* 25.14+
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Google Cloud | Looker |
Version: 0 < 24.12.108 Version: 0 < 24.18.200 Version: 0 < 25.0.78 Version: 0 < 25.6.65 Version: 0 < 25.8.47 Version: 0 < 25.12.10 Version: 0 < 25.14 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12741",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-24T13:12:37.681736Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-24T13:13:17.641Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Looker-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.12.108",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "24.18.200",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.0.78",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.6.65",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.8.47",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.12.10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Self-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.12.108",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "24.18.200",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.0.78",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.6.65",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.8.47",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.12.10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "RyotaK of GMO Flatt Security Inc."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Looker user with Developer role could create a database connection using Denodo driver and, by manipulating LookML, cause Looker to execute a malicious command.\u003cbr\u003e\u003cbr\u003eLooker-hosted and Self-hosted were found to be vulnerable.\u003cbr\u003eThis issue has already been mitigated for Looker-hosted instances.\u0026nbsp;No user action is required for these.\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eSelf-hosted instances must be upgraded \u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eas soon as possible\u003c/span\u003e. This vulnerability has been patched in all supported versions of Self-hosted.\u003c/span\u003e\u003cbr\u003e\u003cdiv\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://download.looker.com/\"\u003ehttps://download.looker.com/\u003c/a\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e:\u003cbr\u003e\u003cul\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e24.12.108+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e24.18.200+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.0.78+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.6.65+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.8.47+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.12.10+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.14+\u003c/span\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/span\u003e\u003c/div\u003e"
}
],
"value": "A Looker user with Developer role could create a database connection using Denodo driver and, by manipulating LookML, cause Looker to execute a malicious command.\n\nLooker-hosted and Self-hosted were found to be vulnerable.\nThis issue has already been mitigated for Looker-hosted instances.\u00a0No user action is required for these.\n\n\nSelf-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.\nThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :\n * 24.12.108+\n * 24.18.200+\n * 25.0.78+\n * 25.6.65+\n * 25.8.47+\n * 25.12.10+\n * 25.14+"
}
],
"impacts": [
{
"capecId": "CAPEC-137",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-137 Parameter Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "RED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-24T11:35:33.730Z",
"orgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"shortName": "GoogleCloud"
},
"references": [
{
"url": "https://cloud.google.com/support/bulletins#gcp-2025-052"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Arbitrary File Write in Denodo dialect of Looker allows Remote Code Execution",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"assignerShortName": "GoogleCloud",
"cveId": "CVE-2025-12741",
"datePublished": "2025-11-24T11:35:33.730Z",
"dateReserved": "2025-11-05T10:50:34.070Z",
"dateUpdated": "2025-11-24T13:13:17.641Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12740 (GCVE-0-2025-12740)
Vulnerability from cvelistv5
Published
2025-11-24 11:30
Modified
2025-11-24 13:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation
Summary
A Looker user with a Developer role could create a database connection using IBM DB2 driver and, by manipulating LookML, cause Looker to execute a malicious command, due to inadequate filtering of the driver's parameters.
Looker-hosted and Self-hosted were found to be vulnerable.
This issue has already been mitigated for Looker-hosted instances. No user action is required for these.
Self-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.
The versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :
* 25.0.93+
* 25.6.84+
* 25.12.42+
* 25.14.50+
* 25.16.44+
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Google Cloud | Looker |
Version: 0 < 25.0.93 Version: 0 < 25.6.84 Version: 0 < 25.12.42 Version: 0 < 25.14.50 Version: 0 < 25.16.44 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12740",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-24T13:13:45.642405Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-24T13:14:36.770Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Looker-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "25.0.93",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.6.84",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.12.42",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.14.50",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.16.44",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Self-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "25.0.93",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.6.84",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.12.42",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.14.50",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.16.44",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "RyotaK of GMO Flatt Security Inc."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Looker user with a Developer role could create a database connection using IBM DB2 driver and, by manipulating LookML, cause Looker to execute a malicious command, due to inadequate filtering of the driver\u0027s parameters.\u003cbr\u003e\u003cbr\u003eLooker-hosted and Self-hosted were found to be vulnerable.\u003cbr\u003eThis issue has already been mitigated for Looker-hosted instances.\u0026nbsp;No user action is required for these.\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eSelf-hosted instances must be upgraded \u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eas soon as possible\u003c/span\u003e. This vulnerability has been patched in all supported versions of Self-hosted.\u003c/span\u003e\u003cbr\u003e\u003cdiv\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://download.looker.com/\"\u003ehttps://download.looker.com/\u003c/a\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e:\u003cbr\u003e\u003cul\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.0.93+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e25.6.84+\u003c/span\u003e\u003cbr\u003e\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.12.42+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.14.50+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.16.44+\u003c/span\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/span\u003e\u003c/div\u003e"
}
],
"value": "A Looker user with a Developer role could create a database connection using IBM DB2 driver and, by manipulating LookML, cause Looker to execute a malicious command, due to inadequate filtering of the driver\u0027s parameters.\n\nLooker-hosted and Self-hosted were found to be vulnerable.\nThis issue has already been mitigated for Looker-hosted instances.\u00a0No user action is required for these.\n\n\nSelf-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.\nThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :\n * 25.0.93+\n * 25.6.84+\n\n * 25.12.42+\n * 25.14.50+\n * 25.16.44+"
}
],
"impacts": [
{
"capecId": "CAPEC-242",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-242 Code Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "RED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-24T11:30:31.958Z",
"orgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"shortName": "GoogleCloud"
},
"references": [
{
"url": "https://cloud.google.com/support/bulletins#gcp-2025-052"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Remote Command Execution in Looker via IBM DB2 JDBC drive",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"assignerShortName": "GoogleCloud",
"cveId": "CVE-2025-12740",
"datePublished": "2025-11-24T11:30:31.958Z",
"dateReserved": "2025-11-05T10:44:47.390Z",
"dateUpdated": "2025-11-24T13:14:36.770Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12739 (GCVE-0-2025-12739)
Vulnerability from cvelistv5
Published
2025-11-24 09:11
Modified
2025-11-24 13:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Summary
An attacker with viewer permissions in Looker could craft a malicious URL that, when opened by a Looker admin, would execute an attacker-supplied script. Exploitation required at least one Looker extension installed on the instance.
Looker-hosted and Self-hosted were found to be vulnerable.
This issue has already been mitigated for Looker-hosted instances. No user action is required for these.
Self-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.
The versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ : * 24.18.201+
* 25.0.79+
* 25.6.66+
* 25.12.7+
* 25.16.0+
* 25.18.0+
* 25.20.0+
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Google Cloud | Looker |
Version: 0 < 24.18.201 Version: 0 < 25.0.79 Version: 0 < 25.6.66 Version: 0 < 25.12.7 Version: 0 < 25.16.0 Version: 0 < 25.18.0 Version: 0 < 25.20.0 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12739",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-24T13:18:11.065484Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-24T13:43:54.837Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Looker-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.18.201",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.0.79",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.6.66",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.12.7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.16.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.18.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.20.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Self-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.18.201",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.0.79",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.6.66",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.12.7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.16.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.18.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.20.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sivanesh Ashok"
},
{
"lang": "en",
"type": "finder",
"value": "Sreeram KL"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An attacker with viewer permissions in Looker could craft a malicious URL that, when opened by a Looker admin, would execute an attacker-supplied script. Exploitation required at least one Looker extension installed on the instance.\u003cbr\u003e\u003cbr\u003eLooker-hosted and Self-hosted were found to be vulnerable.\u003cbr\u003eThis issue has already been mitigated for Looker-hosted instances.\u0026nbsp;No user action is required for these.\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eSelf-hosted instances must be upgraded \u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eas soon as possible\u003c/span\u003e. This vulnerability has been patched in all supported versions of Self-hosted.\u003c/span\u003e\u003cbr\u003e\u003cdiv\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://download.looker.com/\"\u003ehttps://download.looker.com/\u003c/a\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e:\u003c/span\u003e\u003cul\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e24.18.201+\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.0.79+\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.6.66+\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.12.7+\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.16.0+\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.18.0+\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.20.0+\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e"
}
],
"value": "An attacker with viewer permissions in Looker could craft a malicious URL that, when opened by a Looker admin, would execute an attacker-supplied script. Exploitation required at least one Looker extension installed on the instance.\n\nLooker-hosted and Self-hosted were found to be vulnerable.\nThis issue has already been mitigated for Looker-hosted instances.\u00a0No user action is required for these.\n\n\nSelf-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.\nThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ : * 24.18.201+\n * 25.0.79+\n * 25.6.66+\n * 25.12.7+\n * 25.16.0+\n * 25.18.0+\n * 25.20.0+"
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "RED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-24T09:11:38.396Z",
"orgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"shortName": "GoogleCloud"
},
"references": [
{
"url": "https://cloud.google.com/support/bulletins#gcp-2025-068"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Cross-Site Scripting (XSS) in Looker\u0027s Extension Loader leading to Admin Account Compromise",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"assignerShortName": "GoogleCloud",
"cveId": "CVE-2025-12739",
"datePublished": "2025-11-24T09:11:38.396Z",
"dateReserved": "2025-11-05T10:43:57.797Z",
"dateUpdated": "2025-11-24T13:43:54.837Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12414 (GCVE-0-2025-12414)
Vulnerability from cvelistv5
Published
2025-11-20 10:32
Modified
2025-11-20 14:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-290 - Authentication Bypass by Spoofing
Summary
An attacker could take over a Looker account in a Looker instance configured with OIDC authentication, due to email address string normalization.Looker-hosted and Self-hosted were found to be vulnerable.
This issue has already been mitigated for Looker-hosted.
Self-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.
The versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :
* 24.12.100+
* 24.18.193+
* 25.0.69+
* 25.6.57+
* 25.8.39+
* 25.10.22+
* 25.12.0+
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Google Cloud | Looker |
Version: 0 < 24.12.100 Version: 0 < 24.18.193 Version: 0 < 25.0.69 Version: 0 < 25.6.57 Version: 0 < 25.8.39 Version: 0 < 25.10.22 Version: 0 < 25.12.0 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12414",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-20T14:36:28.073782Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T14:36:38.420Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Looker-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.12.100",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "24.18.193",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.0.69",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.6.57",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.8.39",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.10.22",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.12.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Self-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.12.100",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "24.18.193",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.0.69",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.6.57",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.8.39",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.10.22",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "25.12.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sivanesh Ashok"
},
{
"lang": "en",
"type": "finder",
"value": "Sreeram KL"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An attacker could take over a Looker account in a Looker instance configured with OIDC authentication, due to email address string normalization.\u003cdiv\u003e\u003cdiv\u003eLooker-hosted and Self-hosted were found to be vulnerable.\u003cbr\u003e\u003cbr\u003eThis issue has already been mitigated for Looker-hosted.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003eSelf-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.\u003cbr\u003eThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://download.looker.com/\"\u003ehttps://download.looker.com/\u003c/a\u003e:\u003cbr\u003e\u003cul\u003e\u003cli\u003e24.12.100+\u003c/li\u003e\u003cli\u003e24.18.193+\u003c/li\u003e\u003cli\u003e25.0.69+\u003c/li\u003e\u003cli\u003e25.6.57+\u003c/li\u003e\u003cli\u003e25.8.39+\u003c/li\u003e\u003cli\u003e25.10.22+\u003c/li\u003e\u003cli\u003e25.12.0+\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e\u003c/div\u003e"
}
],
"value": "An attacker could take over a Looker account in a Looker instance configured with OIDC authentication, due to email address string normalization.Looker-hosted and Self-hosted were found to be vulnerable.\n\nThis issue has already been mitigated for Looker-hosted.\n\n\nSelf-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.\nThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :\n * 24.12.100+\n * 24.18.193+\n * 25.0.69+\n * 25.6.57+\n * 25.8.39+\n * 25.10.22+\n * 25.12.0+"
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-290",
"description": "CWE-290 Authentication Bypass by Spoofing",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T10:32:52.463Z",
"orgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"shortName": "GoogleCloud"
},
"references": [
{
"url": "https://cloud.google.com/support/bulletins#GCP-2025-067"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Looker account compromise via punycode homograph attack",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"assignerShortName": "GoogleCloud",
"cveId": "CVE-2025-12414",
"datePublished": "2025-11-20T10:32:52.463Z",
"dateReserved": "2025-10-28T15:40:31.760Z",
"dateUpdated": "2025-11-20T14:36:38.420Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12743 (GCVE-0-2025-12743)
Vulnerability from cvelistv5
Published
2025-11-19 16:41
Modified
2025-11-19 18:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Summary
The Looker endpoint for generating new projects from database connections allows users to specify "looker" as a connection name, which is a reserved internal name for Looker's internal MySQL database. The schemas parameter is vulnerable to SQL injection, enabling attackers to manipulate SELECT queries that are constructed and executed against the internal MySQL database. This vulnerability allows users with developer permissions to extract data from Looker's internal MySQL database.
Looker-hosted and Self-hosted were found to be vulnerable.
This issue has already been mitigated for Looker-hosted instances. No user action is required for these.
Self-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.
The versions below have all been updated to protect against this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :
* 24.12.106
* 24.18.198+
* 25.0.75
* 25.6.63+
* 25.8.45+
* 25.10.33+
* 25.12.1+
* 25.14+
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Google Cloud | Looker |
Version: 0 Version: 0 Version: 0 Version: 0 Version: 0 Version: 0 Version: 0 Version: 0 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12743",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-19T18:47:06.246892Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T18:47:37.355Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Looker-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.12.106",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "24.18.198",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.0.75",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.6.63",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.8.45",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.10.33",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.12.1",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.14",
"status": "affected",
"version": "0",
"versionType": "date"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Self-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.12.106",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "24.18.198",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.0.75",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.6.63",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.8.45",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.10.33",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.12.1",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.14",
"status": "affected",
"version": "0",
"versionType": "date"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Liv Matan from Tenable"
},
{
"lang": "en",
"type": "finder",
"value": "Tomas La\u017eauninkas"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The Looker endpoint for generating new projects from database connections allows users to specify \"looker\" as a connection name, which is a reserved internal name for Looker\u0027s internal MySQL database. The schemas parameter is vulnerable to SQL injection, enabling attackers to manipulate SELECT queries that are constructed and executed against the internal MySQL database. This vulnerability allows users with developer permissions to extract data from Looker\u0027s internal MySQL database.\u003cbr\u003e\u003cbr\u003eLooker-hosted and Self-hosted were found to be vulnerable.\u003cbr\u003eThis issue has already been mitigated for Looker-hosted instances.\u0026nbsp;No user action is required for these.\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eSelf-hosted instances must be upgraded \u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eas soon as possible\u003c/span\u003e. This vulnerability has been patched in all supported versions of Self-hosted.\u003c/span\u003e\u003cbr\u003e\u003cdiv\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eThe versions below have all been updated to protect against this vulnerability. You can download these versions at the Looker download page \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://download.looker.com/\"\u003ehttps://download.looker.com/\u003c/a\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e:\u003cbr\u003e\u003cul\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e24.12.106\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e24.18.198+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.0.75\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.6.63+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.8.45+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.10.33+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.12.1+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.14+\u003c/span\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/span\u003e\u003c/div\u003e"
}
],
"value": "The Looker endpoint for generating new projects from database connections allows users to specify \"looker\" as a connection name, which is a reserved internal name for Looker\u0027s internal MySQL database. The schemas parameter is vulnerable to SQL injection, enabling attackers to manipulate SELECT queries that are constructed and executed against the internal MySQL database. This vulnerability allows users with developer permissions to extract data from Looker\u0027s internal MySQL database.\n\nLooker-hosted and Self-hosted were found to be vulnerable.\nThis issue has already been mitigated for Looker-hosted instances.\u00a0No user action is required for these.\n\n\nSelf-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.\nThe versions below have all been updated to protect against this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :\n * 24.12.106\n * 24.18.198+\n * 25.0.75\n * 25.6.63+\n * 25.8.45+\n * 25.10.33+\n * 25.12.1+\n * 25.14+"
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "RED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T16:41:30.639Z",
"orgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"shortName": "GoogleCloud"
},
"references": [
{
"url": "https://cloud.google.com/support/bulletins#gcp-2025-052"
},
{
"url": "https://www.tenable.com/security/research/tra-2025-43"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "SQL Injection in Looker Project Generation Endpoint Allows Access to Internal MySQL Database",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"assignerShortName": "GoogleCloud",
"cveId": "CVE-2025-12743",
"datePublished": "2025-11-19T16:41:30.639Z",
"dateReserved": "2025-11-05T10:51:12.658Z",
"dateUpdated": "2025-11-19T18:47:37.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12472 (GCVE-0-2025-12472)
Vulnerability from cvelistv5
Published
2025-11-19 10:27
Modified
2025-11-19 16:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Summary
An attacker with a Looker Developer role could manipulate a LookML project to exploit a race condition during Git directory deletion, leading to arbitrary command execution on the Looker instance.
Looker-hosted and Self-hosted were found to be vulnerable.
This issue has already been mitigated for Looker-hosted instances. No user action is required for these.
Self-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.
The versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :
* 24.12.103+
* 24.18.195+
* 25.0.72+
* 25.6.60+
* 25.8.42+
* 25.10.22+
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Google Cloud | Looker |
Version: 0 Version: 0 Version: 0 Version: 0 Version: 0 Version: 0 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12472",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-19T16:20:20.583208Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T16:24:04.479Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Looker-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.12.103",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "24.18.195",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.0.72",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.6.60",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.8.42",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.10.22",
"status": "affected",
"version": "0",
"versionType": "date"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Self-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.12.103",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "24.18.195",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.0.72",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.6.60",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.8.42",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.10.22",
"status": "affected",
"version": "0",
"versionType": "date"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "RyotaK of GMO Flatt Security Inc."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An attacker with a Looker Developer role could manipulate a LookML project to exploit a race condition during Git directory deletion, leading to arbitrary command execution on the Looker instance.\u003cbr\u003e\u003cbr\u003e\u003cdiv\u003e\u003c/div\u003eLooker-hosted and Self-hosted were found to be vulnerable.\u003cbr\u003eThis issue has already been mitigated for Looker-hosted instances.\u0026nbsp;No user action is required for these.\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eSelf-hosted instances must be upgraded \u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eas soon as possible\u003c/span\u003e. This vulnerability has been patched in all supported versions of Self-hosted.\u003c/span\u003e\u003cbr\u003e\u003cdiv\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://download.looker.com/\"\u003ehttps://download.looker.com/\u003c/a\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e:\u003c/span\u003e\u003cbr\u003e\u003cul\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e24.12.103+\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e24.18.195+\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.0.72+\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.6.60+\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.8.42+\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.10.22+\u003cbr\u003e\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e"
}
],
"value": "An attacker with a Looker Developer role could manipulate a LookML project to exploit a race condition during Git directory deletion, leading to arbitrary command execution on the Looker instance.\n\n\n\nLooker-hosted and Self-hosted were found to be vulnerable.\nThis issue has already been mitigated for Looker-hosted instances.\u00a0No user action is required for these.\n\n\nSelf-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.\nThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :\n * 24.12.103+\n * 24.18.195+\n * 25.0.72+\n * 25.6.60+\n * 25.8.42+\n * 25.10.22+"
}
],
"impacts": [
{
"capecId": "CAPEC-26",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-26 Leveraging Race Conditions"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "RED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T10:27:56.520Z",
"orgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"shortName": "GoogleCloud"
},
"references": [
{
"url": "https://cloud.google.com/support/bulletins#gcp-2025-052"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Remote Code Execution in Looker due to Improperly Validated Directory Deletion",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"assignerShortName": "GoogleCloud",
"cveId": "CVE-2025-12472",
"datePublished": "2025-11-19T10:27:56.520Z",
"dateReserved": "2025-10-29T15:56:30.205Z",
"dateUpdated": "2025-11-19T16:24:04.479Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12155 (GCVE-0-2025-12155)
Vulnerability from cvelistv5
Published
2025-11-10 08:49
Modified
2025-11-10 15:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Summary
A Command Injection vulnerability, resulting from improper file path sanitization (Directory Traversal) in Looker allows an attacker with Developer permission to execute arbitrary shell commands when a user is deleted on the host system.
Looker-hosted and Self-hosted were found to be vulnerable.
This issue has already been mitigated for Looker-hosted instances. No user action is required for these.
Self-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.
The versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :
* 24.12.100+
* 24.18.192+
* 25.0.69+
* 25.6.57+
* 25.8.39+
* 25.10.22+
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Google Cloud | Looker |
Version: 0 Version: 0 Version: 0 Version: 0 Version: 0 Version: 0 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12155",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-10T15:17:21.647576Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-10T15:18:43.851Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Looker-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.12.100",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "24.18.192",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.0.69",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.6.57",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.8.39",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.10.22",
"status": "affected",
"version": "0",
"versionType": "date"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Self-hosted"
],
"product": "Looker",
"vendor": "Google Cloud",
"versions": [
{
"lessThan": "24.12.100",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "24.18.192",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.0.69",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.6.57",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.8.39",
"status": "affected",
"version": "0",
"versionType": "date"
},
{
"lessThan": "25.10.22",
"status": "affected",
"version": "0",
"versionType": "date"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tomas La\u017eauninkas"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA Command Injection vulnerability, resulting from improper file path sanitization (Directory Traversal) in Looker allows an attacker with Developer permission to execute arbitrary shell commands when a user is deleted on the host system.\u003c/span\u003e\u003cbr\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eLooker-hosted and Self-hosted were found to be vulnerable.\u003cbr\u003eThis issue has already been mitigated for Looker-hosted\u0026nbsp;instances. No user action is required for these.\u003cbr\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eSelf-hosted instances must be upgraded \u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eas soon as possible\u003c/span\u003e. This vulnerability has been patched in all supported versions of Self-hosted.\u003c/span\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://download.looker.com/\"\u003ehttps://download.looker.com/\u003c/a\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e:\u003c/span\u003e\u003cbr\u003e\u003cul\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e24.12.100+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e24.18.192+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.0.69+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.6.57+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.8.39+\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003e25.10.22+\u003c/span\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/span\u003e"
}
],
"value": "A Command Injection vulnerability, resulting from improper file path sanitization (Directory Traversal) in Looker allows an attacker with Developer permission to execute arbitrary shell commands when a user is deleted on the host system.\n\nLooker-hosted and Self-hosted were found to be vulnerable.\nThis issue has already been mitigated for Looker-hosted\u00a0instances. No user action is required for these.\n\nSelf-hosted instances must be upgraded as soon as possible. This vulnerability has been patched in all supported versions of Self-hosted.\nThe versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page https://download.looker.com/ :\n * 24.12.100+\n * 24.18.192+\n * 25.0.69+\n * 25.6.57+\n * 25.8.39+\n * 25.10.22+"
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126 Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "NOT_DEFINED",
"Safety": "PRESENT",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "RED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/S:P/AU:Y/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-10T08:49:45.811Z",
"orgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"shortName": "GoogleCloud"
},
"references": [
{
"url": "https://cloud.google.com/support/bulletins#gcp-2025-052"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Command Injection in Looker",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f45cbf4e-4146-4068-b7e1-655ffc2c548c",
"assignerShortName": "GoogleCloud",
"cveId": "CVE-2025-12155",
"datePublished": "2025-11-10T08:49:45.811Z",
"dateReserved": "2025-10-24T13:07:55.182Z",
"dateUpdated": "2025-11-10T15:18:43.851Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}