Description

Insufficiently specific bounds checking on the authorization header could lead to denial of service in the Temporal server on all platforms due to excessive memory allocation. This issue affects all platforms and versions of OSS Server prior to 1.26.3, 1.27.3, and 1.28.1 (i.e., fixed in 1.26.3, 1.27.3, and 1.28.1 and later). Temporal Cloud services are not impacted.

PUBLISHED Reserved 2025-07-30 | Published 2025-09-15 | Updated 2025-09-15 | Assigner Temporal




MEDIUM: 6.9 | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/S:N/AU:Y

Problem types

CWE-770 Allocation of Resources Without Limits or Throttling

Product status

Default status
unaffected

Any version before 1.26.3
affected

1.27.0 (semver) before 1.27.3
affected

1.28.0 (semver) before 1.28.1
affected

References

github.com/temporalio/temporal/releases/tag/v1.26.3

github.com/temporalio/temporal/releases/tag/v1.27.3

github.com/temporalio/temporal/releases/tag/v1.28.1

cve.org (CVE-2025-8396)

nvd.nist.gov (CVE-2025-8396)
