CVE-2025-8396_CVE-2025-8396

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/S:N/AU:Y

Description

Insufficiently specific bounds checking on authorization header could lead to denial of service in the Temporal server on all platforms due to excessive memory allocation.This issue affects all platforms and versions of OSS Server prior to 1.26.3, 1.27.3, and 1.28.1 (i.e., fixed in 1.26.3, 1.27.3, and 1.28.1 and later). Temporal Cloud services are not impacted.

Basic Information

ID CVE-2025-8396

Source Temporal

Published Sep 15, 2025 at 14:13

Modified Sep 15, 2025 at 14:52

Affected Product

Vendor Temporal

Product OSS Server

Affected Versions Temporal OSS Server 0
Temporal OSS Server 1.27.0
Temporal OSS Server 1.28.0

CWE Classification

CWE-770

References

{
    "lastseen": "",
    "description": "Insufficiently specific bounds checking on authorization header could lead to denial of service in the Temporal server on all platforms due to excessive memory allocation.This issue affects all platforms and versions of OSS Server prior to 1.26.3, 1.27.3, and 1.28.1 (i.e., fixed in 1.26.3, 1.27.3, and 1.28.1 and later). Temporal Cloud services are not impacted.",
    "published": "2025-09-15T14:13:26.507Z",
    "modified": "2025-09-15T14:52:27.444Z",
    "type": "cve",
    "title": "CVE-2025-8396",
    "source": "Temporal",
    "references": "https://github.com/temporalio/temporal/releases/tag/v1.26.3\nhttps://github.com/temporalio/temporal/releases/tag/v1.27.3\nhttps://github.com/temporalio/temporal/releases/tag/v1.28.1",
    "id": "CVE-2025-8396",
    "bulletinFamily": "",
    "cwe": [
        "CWE-770"
    ],
    "cvelist": null,
    "sourceData": "Temporal OSS Server 0\nTemporal OSS Server 1.27.0\nTemporal OSS Server 1.28.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/S:N/AU:Y",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "OSS Server",
    "version": "0",
    "vendor": "Temporal",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}