Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An Insufficient Session Expiration issue was discovered in the Pinniped Supervisor (before v0.19.0). A user authenticating to Kubernetes clusters via the Pinniped Supervisor could potentially use their access token to continue their session beyond what proper use of their refresh token might allow.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
VMware Pinniped Supervisor 代码问题漏洞
Vulnerability Description
Supervisor是一套适用于类Unix系统的过程控制系统。该系统主要用于监视和控制类Unix操作系统中的进程。VMware Pinniped是美国威睿(VMware)公司的一款为 Kubernetes 提供身份服务的软件。 VMware Pinniped Supervisor v0.19.0之前的版本存在安全漏洞,该漏洞源于通过Pinniped Supervisor向Kubernetes集群进行身份验证的用户可能会使用其访问令牌继续其会话,超出正确使用其刷新令牌可能允许的范围。
CVSS Information
N/A
Vulnerability Type
N/A