CVE-2022-2306

Insufficient Session Expiration in go/github.com/heroiclabs/nakama

Identifiers

GHSA-xv59-gc3r-rf92, CVE-2022-2306

Package Slug

go/github.com/heroiclabs/nakama

Vulnerability

Insufficient Session Expiration

Description

Old session tokens can be used to authenticate to the application and send authenticated requests.

Affected Versions

All versions before v3.13.0

Solution

Upgrade to version 3.13.0 or above.

Last Modified

2022-07-24

source