Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:47 a.m.6 views

CVE-2022-31677

An Insufficient Session Expiration issue was discovered in the Pinniped Supervisor before v0.19.0. A user authenticating to Kubernetes clusters via the Pinniped Supervisor could potentially use their access token to continue their session beyond what proper use of their refresh token might allow...

5.4CVSS6.7AI score0.00381EPSS
Exploits0References1
Circl
Circl
added 2022/08/29 6:34 p.m.6 views

CVE-2022-31677

creationtimestamp| type| source ---|---|--- 2022-08-29 18:34:18+00:00| seen| https://t.me/cibsecurity/48972...

5.4CVSS5.4AI score0.00381EPSS
Exploits0References1
NVD
NVD
added 2022/08/29 3:15 p.m.33 views

CVE-2022-31677

An Insufficient Session Expiration issue was discovered in the Pinniped Supervisor before v0.19.0. A user authenticating to Kubernetes clusters via the Pinniped Supervisor could potentially use their access token to continue their session beyond what proper use of their refresh token might allow...

5.4CVSS0.00381EPSS
Exploits0References1
CVE
CVE
added 2022/08/29 2:3 p.m.72 views

CVE-2022-31677

CVE-2022-31677 affects Pinniped Supervisor prior to v0.19.0. A bug in the token-exchange flow allowed an authentication session to outlive the intended window: expired access tokens could continue to be accepted until backend session data was cleared, effectively enabling a user to maintain acces...

5.4CVSS5.2AI score0.00381EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/08/29 2:3 p.m.23 views

CVE-2022-31677

An Insufficient Session Expiration issue was discovered in the Pinniped Supervisor before v0.19.0. A user authenticating to Kubernetes clusters via the Pinniped Supervisor could potentially use their access token to continue their session beyond what proper use of their refresh token might allow...

5.4CVSS6.6AI score0.00381EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/08/29 2:3 p.m.38 views

CVE-2022-31677

An Insufficient Session Expiration issue was discovered in the Pinniped Supervisor before v0.19.0. A user authenticating to Kubernetes clusters via the Pinniped Supervisor could potentially use their access token to continue their session beyond what proper use of their refresh token might allow...

5.6AI score0.00381EPSS
Exploits0References1
Rows per page
Query Builder