CNNVD-202512-5074 Information

CNNVD ID

CNNVD-202512-5074

Related CVE

CVE-2025-14987

• CNNVD Published: 2025-12-30

Description (Chinese)

Temporal是temporal.io开源的一个持久化执行平台。 Temporal—durable 1.29.1及之前版本存在安全漏洞，该漏洞源于跨命名空间命令授权不当，可能导致未授权创建工作流。

Description (English)

Temporal is a sustainable implementation platform for the open source of Temporal.io. There is a security loophole in Temporal-durable 1.2.9.1 and earlier versions, which stems from the inappropriate authorization of a cross-name space command, which may lead to unauthorized creation of a workflow.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

temporal.io

Published

2025-12-30

Last Modified

2026-02-24

References

https://github.com/temporalio/temporal/releases/tag/v1.27.4 https://github.com/temporalio/temporal/releases/tag/v1.28.2 https://github.com/temporalio/temporal/releases/tag/v1.29.2

Patch

https://github.com/temporalio/temporal/releases