2 matches found
FlyteAdmin Insufficient AccessToken Expiration Check
Impact Authenticated users using an external identity provider can continue to use Access Tokens and ID Tokens even after they expire. Using flyteadmin as the OAuth2 Authorization Server is unaffected by this issue. Patches 1.1.30 Workarounds Rotating signing keys immediately will: Invalidate all...
CVE-2022-31145 Insufficient AccessToken Expiration Check in FlyteAdmin
FlyteAdmin is the control plane for Flyte responsible for managing entities and administering workflow executions. In versions 1.1.30 and prior, authenticated users using an external identity provider can continue to use Access Tokens and ID Tokens even after they expire. Users who use FlyteAdmin...