As promised, we're publishing a security advisory for a security vulnerability in flyteconsole. We recommend users to upgrade to flyteconsole v0.52.0 or greater ASAP (which corresponds to Flyte v0.19.4). As mentioned earlier, we yanked all affected versions from the official image repository. We've also reached out to affected folks individually and believe that all impacted deployments have been patched.
For more details about the exploit, please visit
https://github.com/flyteorg/flyteconsole/security/advisories/GHSA-www6-hf2v-v9m9.