Lucene search
K

5 matches found

OSV
OSV
added 2023/06/30 6:31 p.m.21 views

GHSA-GM2G-2XR9-PXXJ Temporal Server vulnerable to Incorrect Authorization and Insecure Default Initialization of Resource

Insecure defaults in open-source Temporal Server before version 1.20 on all platforms allows an attacker to craft a task token with access to a namespace other than the one specified in the request. Creation of this task token must be done outside of the normal Temporal server flow. It requires t...

3CVSS3.4AI score0.00166EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2023/06/30 6:31 p.m.48 views

Temporal Server vulnerable to Incorrect Authorization and Insecure Default Initialization of Resource

Insecure defaults in open-source Temporal Server before version 1.20 on all platforms allows an attacker to craft a task token with access to a namespace other than the one specified in the request. Creation of this task token must be done outside of the normal Temporal server flow. It requires t...

3.6CVSS6.1AI score0.00166EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2023/06/30 6:15 p.m.16 views

Race condition

Insecure defaults in open-source Temporal Server before version 1.20 on all platforms allows an attacker to craft a task token with access to a namespace other than the one specified in the request. Creation of this task token must be done outside of the normal Temporal server flow. It requires t...

2.4CVSS3.8AI score0.00166EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/30 5:37 p.m.13 views

CVE-2023-3485 Insecure Default Authorization in Temporal Server

Insecure defaults in open-source Temporal Server before version 1.20 on all platforms allows an attacker to craft a task token with access to a namespace other than the one specified in the request. Creation of this task token must be done outside of the normal Temporal server flow. It requires t...

3CVSS6.4AI score0.00166EPSS
Exploits0References1
GitLab Advisory Database
GitLab Advisory Database
added 2023/06/30 12:0 a.m.23 views

Insecure Default Initialization of Resource

Insecure defaults in open-source Temporal Server before version 1.20 on all platforms allows an attacker to craft a task token with access to a namespace other than the one specified in the request. Creation of this task token must be done outside of the normal Temporal server flow. It requires t...

3.6CVSS6.6AI score0.00166EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder