github.com/flyteorg/flyteadmin is vulnerable to insecure session. The vulnerability exists in ValidateAccessToken
function in resource_server.go
because the access token keys are not properly validated which allows an attacker to access the server using expired tokens.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/flyteorg/flyteadmin | le | v1.1.30 | |
github.com/flyteorg/flyteadmin | le | v1.1.30 |