Количество 2
Количество 2
CVE-2023-41891
FlyteAdmin is the control plane for Flyte responsible for managing entities and administering workflow executions. Prior to version 1.1.124, list endpoints on FlyteAdmin have a SQL vulnerability where a malicious user can send a REST request with custom SQL statements as list filters. The attacker needs to have access to the FlyteAdmin installation, typically either behind a VPN or authentication. Version 1.1.124 contains a patch for this issue.
GHSA-r847-6w6h-r8g4
Flyte Admin SQL Injection in List Filters
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-41891 FlyteAdmin is the control plane for Flyte responsible for managing entities and administering workflow executions. Prior to version 1.1.124, list endpoints on FlyteAdmin have a SQL vulnerability where a malicious user can send a REST request with custom SQL statements as list filters. The attacker needs to have access to the FlyteAdmin installation, typically either behind a VPN or authentication. Version 1.1.124 contains a patch for this issue. | CVSS3: 3.5 | 0% Низкий | больше 2 лет назад |
| GHSA-r847-6w6h-r8g4 Flyte Admin SQL Injection in List Filters | CVSS3: 3.5 | 0% Низкий | больше 2 лет назад |
Уязвимостей на страницу