DIRAC is a distributed resource framework. In affected versions any user could get a token that has been requested by another user/agent. This may expose resources to unintended parties. This issue has been addressed in release version 8.0.37. Users are advised to upgrade. There are no known workarounds for this vulnerability.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| DIRAC(PyPI) | 8.0.0 | 8.0.37 | N/A |
| dirac(PyPI) | 0 | 8.0.37 | N/A |
CVSS Metrics
