As announced last week, during our testing, we found a security issue on 5th of July related to how OAuth2 tokens are invalided. A patch was introduced in a private fork and older flyteadmin docker images yanked. An updated helm chart (
v1.1.0) was released shortly after that addresses the security vulnerability (Patch has now been merged in
flyteadmin)
Details of the vulnerability are available in (
CVE-2022-31145).