Google has patched a privilege escalation vulnerability in its Cloud Run service, which could have allowed malicious actors to access container images and inject malicious code. The vulnerability, codenamed ImageRunner, allows attackers to modify a service and deploy a new revision, potentially exposing sensitive or proprietary images. Google has now ensured that users or service accounts creating or updating a Cloud Run resource have explicit permission to access the container images.