Lucene search
GoogleOSV:GHSA-Q4QM-XHF9-4P8FHistoryJun 03, 2022 - 12:01 a.m.
Flower OAuth authentication bypass
2022-06-0300:01:07
Google
osv.dev
63
flower
celery python rpc
oauth
authentication bypass
vulnerability
api
denial of service
fix
EPSS
0.002
Percentile
54.1%
All versions of Flower, a web UI for the Celery Python RPC framework, as of 05-02-2022 are vulnerable to an OAuth authentication bypass. An attacker could then access the Flower API to discover and invoke arbitrary Celery RPC calls or deny service by shutting down Celery task nodes. A fix was released in version 1.2.0.
Related
prion
prion
Authentication flaw
2022-06-02 14:15:00
cnvd
cnvd
Flower Denial of Service Vulnerability
2022-06-09 00:00:00
nvd
nvd
CVE-2022-30034
2022-06-02 14:15:51
ubuntucve
ubuntucve
CVE-2022-30034
2022-06-02 00:00:00
osv
osv
PYSEC-2022-42973
2022-06-02 14:15:00
CVE-2022-30034
2022-06-02 14:15:51
cve
cve
CVE-2022-30034
2022-06-02 14:15:51
veracode
veracode
Authentication Bypass
2022-06-06 12:54:44
cvelist
cvelist
CVE-2022-30034
2022-05-31 13:13:32
github
github
Flower OAuth authentication bypass
2022-06-03 00:01:07