← voltar
CVE-2025-8396

CVE-2025-8396

CVSS 6.9 MEDIUMEPSS 0.4%CWE-770
Insufficiently specific bounds checking on authorization header could lead to denial of service in the Temporal server on all platforms due to excessive memory allocation.This issue affects all platforms and versions of OSS Server prior to 1.26.3, 1.27.3, and 1.28.1 (i.e., fixed in 1.26.3, 1.27.3, and 1.28.1 and later). Temporal Cloud services are not impacted.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/S:N/AU:Y
Produtos afetados
Temporal · OSS Server

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/temporalio/temporal/releases/tag/v1.26.3https://github.com/temporalio/temporal/releases/tag/v1.27.3https://github.com/temporalio/temporal/releases/tag/v1.28.1