vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. Currently, the refresh token is valid indefinitely. The refresh token should get a validity of 24-48 hours. A fix was released in version 3.8.0.
References
Link | Resource |
---|---|
https://github.com/vantage6/vantage6/commit/48ebfca42359e9a6743e9598684585e2522cdce8 | Patch |
https://github.com/vantage6/vantage6/security/advisories/GHSA-4w59-c3gc-rrhp | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitHub_M
Published: 2023-03-03T23:37:50.748Z
Updated: 2023-03-03T23:37:50.748Z
Reserved: 2023-01-19T21:12:31.359Z
Link: CVE-2023-23929
JSON object: View
NVD Information
Status : Modified
Published: 2023-03-04T00:15:15.380
Modified: 2023-11-07T04:08:06.713
Link: CVE-2023-23929
JSON object: View
Redhat Information
No data.
CWE