3 matches found
CVE-2022-31145
FlyteAdmin is the control plane for Flyte responsible for managing entities and administering workflow executions. In versions 1.1.30 and prior, authenticated users using an external identity provider can continue to use Access Tokens and ID Tokens even after they expire. Users who use FlyteAdmin...
CVE-2022-31145 Insufficient AccessToken Expiration Check in FlyteAdmin
FlyteAdmin is the control plane for Flyte responsible for managing entities and administering workflow executions. In versions 1.1.30 and prior, authenticated users using an external identity provider can continue to use Access Tokens and ID Tokens even after they expire. Users who use FlyteAdmin...
CVE-2022-31145
Summary: CVE-2022-31145 concerns FlyteAdmin's validation of access/tokens. In versions up to 1.1.30, authenticated users with external identity providers can continue to use Access Tokens and ID Tokens after expiry. The issue does not affect users configuring FlyteAdmin as the OAuth2 Authorizatio...