CNNVD-202509-2042 Information

CNNVD ID

CNNVD-202509-2042

Related CVE

CVE-2025-8396

• CNNVD Published: 2025-09-15

Description (Chinese)

Temporal OSS Server是Temporal开源的一款工作流编排引擎。 Temporal OSS Server 1.26.3之前版本、1.27.3之前版本和1.28.1之前版本存在安全漏洞，该漏洞源于授权标头边界检查不足，可能导致内存过度分配和拒绝服务。

Description (English)

Temporal OS Server is an open-source workstream engine for Temporal. There is a security loophole in previous versions of Temporal OSS Server 1.26.3, previous version 1.27.3 and previous version 1.2.8.1, which stems from inadequate border checks at authorized headpoints, which may lead to overallocation of memory and denial of services.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

temporal

Published

2025-09-15

Last Modified

2026-02-24

References

https://github.com/temporalio/temporal/releases/tag/v1.26.3 https://github.com/temporalio/temporal/releases/tag/v1.27.3 https://github.com/temporalio/temporal/releases/tag/v1.28.1

Patch

https://github.com/temporalio/temporal/releases