Lucene search
K

6 matches found

OSV
OSV
added 2026/04/10 9:31 p.m.1 views

GHSA-Q98V-9F9W-F49Q Temporal does not enforce authentication and authorization for the streaming AdminService/StreamWorkflowReplicationMessages endpoint

The frontend gRPC server's streaming interceptor chain did not include the authorization interceptor. When a ClaimMapper and Authorizer are configured, unary RPCs enforce authentication and authorization, but the streaming AdminService/StreamWorkflowReplicationMessages endpoint accepted requests...

6.3CVSS5.8AI score0.0051EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/10 9:31 p.m.4 views

EUVD-2026-21607

The frontend gRPC server's streaming interceptor chain did not include the authorization interceptor. When a ClaimMapper and Authorizer are configured, unary RPCs enforce authentication and authorization, but the streaming AdminService/StreamWorkflowReplicationMessages endpoint accepted requests...

6.3CVSS5.8AI score0.0051EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/04/10 9:31 p.m.18 views

Temporal does not enforce authentication and authorization for the streaming AdminService/StreamWorkflowReplicationMessages endpoint

The frontend gRPC server's streaming interceptor chain did not include the authorization interceptor. When a ClaimMapper and Authorizer are configured, unary RPCs enforce authentication and authorization, but the streaming AdminService/StreamWorkflowReplicationMessages endpoint accepted requests...

6.3CVSS5.8AI score0.0051EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/04/10 9:16 p.m.8 views

CVE-2026-5724

The frontend gRPC server's streaming interceptor chain did not include the authorization interceptor. When a ClaimMapper and Authorizer are configured, unary RPCs enforce authentication and authorization, but the streaming AdminService/StreamWorkflowReplicationMessages endpoint accepted requests...

6.3CVSS0.0051EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/10 9:6 p.m.2 views

CVE-2026-5724

The frontend gRPC server's streaming interceptor chain did not include the authorization interceptor. When a ClaimMapper and Authorizer are configured, unary RPCs enforce authentication and authorization, but the streaming AdminService/StreamWorkflowReplicationMessages endpoint accepted requests...

6.3CVSS6AI score0.0051EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.3 views

PT-2026-32045

Name of the Vulnerable Software and Affected Versions Temporal versions affected versions not specified Description The frontend gRPC server's streaming interceptor chain did not include the authorization interceptor. When a ClaimMapper and Authorizer are configured, unary RPCs enforce...

6.3CVSS5.8AI score0.0051EPSS
Exploits0References10
Rows per page
Query Builder