Lucene search
Https://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-90DCE93BFCAFBF84F7A99A21EB609498HistorySep 01, 2022 - 12:00 a.m.
Pinniped Supervisor Insufficient Session Expiration vulnerability
2022-09-0100:00:00
https://gitlab.com/gitlab-org/security-products/gemnasium-db
gitlab.com
10
0.001 Low
EPSS
Percentile
22.9%
An Insufficient Session Expiration issue was discovered in the Pinniped Supervisor (before v0.19.0). A user authenticating to Kubernetes clusters via the Pinniped Supervisor could potentially use their access token to continue their session beyond what proper use of their refresh token might allow.
| CPE | Name | Operator | Version |
|---|---|---|---|
| go/go.pinniped.dev | ge | 0.3.0 | |
| go/go.pinniped.dev | lt | 0.19.0 |
Related
osv
osv
BIT-pinniped-2022-31677
2024-03-06 11:01:40
CVE-2022-31677
2022-08-29 15:15:10
Pinniped Supervisor Insufficient Session Expiration vulnerability
2022-09-01 22:24:05
cvelist
cvelist
CVE-2022-31677
2022-08-29 14:03:02
cve
cve
CVE-2022-31677
2022-08-29 15:15:10
prion
prion
Session fixation
2022-08-29 15:15:00
veracode
veracode
Session Fixation
2022-08-30 03:32:44
nvd
nvd
CVE-2022-31677
2022-08-29 15:15:10
github
github
Pinniped Supervisor Insufficient Session Expiration vulnerability
2022-09-01 22:24:05