blob: 145acaf4297daeb675d9093c8a41ad1354cfd51b [file] [log] [blame]
id: GO-2022-0519
modules:
- module: github.com/flyteorg/flyteadmin
versions:
- fixed: 1.1.31
vulnerable_at: 1.1.30
packages:
- package: github.com/flyteorg/flyteadmin/auth/authzserver
symbols:
- ResourceServer.ValidateAccessToken
summary: Improper validation of access tokens in github.com/flyteorg/flyteadmin
description: Improper validation of access tokens can permit use of expired tokens.
published: 2022-07-30T03:51:07Z
cves:
- CVE-2022-31145
ghsas:
- GHSA-qwrj-9hmp-gpxh
references:
- fix: https://github.com/flyteorg/flyteadmin/commit/a1ec282d02706e074bc4986fd0412e5da3b9d00a
review_status: REVIEWED