Lucene search

K

Flyteadmin Security Vulnerabilities

cve
cve

CVE-2023-41891

FlyteAdmin is the control plane for Flyte responsible for managing entities and administering workflow executions. Prior to version 1.1.124, list endpoints on FlyteAdmin have a SQL vulnerability where a malicious user can send a REST request with custom SQL statements as list filters. The attacker....

8.8CVSS

8.7AI Score

0.001EPSS

2023-10-30 07:15 PM
40
cve
cve

CVE-2022-39273

FlyteAdmin is the control plane for the data processing platform Flyte. Users who enable the default Flyte’s authorization server without changing the default clientid hashes will be exposed to the public internet. In an effort to make enabling authentication easier for Flyte administrators, the...

7.5CVSS

7.5AI Score

0.001EPSS

2022-10-06 06:16 PM
236
5
cve
cve

CVE-2022-31145

FlyteAdmin is the control plane for Flyte responsible for managing entities and administering workflow executions. In versions 1.1.30 and prior, authenticated users using an external identity provider can continue to use Access Tokens and ID Tokens even after they expire. Users who use FlyteAdmin.....

6.5CVSS

6.2AI Score

0.001EPSS

2022-07-13 09:15 PM
35
8