PT-2025-54224 · Temporal · Temporal
Published: 2025-12-30 · Updated: 2026-02-07 · CVE-2025-14986
CVSS v4.0: 1.3 (Low)
Vector: AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/S:N/AU:Y/R:U/RE:L/U:Green
Name of the Vulnerable Software and Affected Versions
Temporal versions 1.24.0 through 1.29.1
Description
When the frontend.enableExecuteMultiOperation setting is enabled, the server incorrectly applies namespace-scoped validation and feature gates. Specifically, it uses the Namespace field from an embedded StartWorkflowExecutionRequest instead of the authorized ExecuteMultiOperationRequest's Namespace. This allows a user authorized for one namespace to bypass the limits and policies of that namespace by setting the embedded request's namespace to a different namespace. The workflow creation still occurs within the authorized namespace, but validation and gating are performed using the incorrect namespace context.
Recommendations
Update to Temporal version 1.27.4.
Update to Temporal version 1.28.2.
Update to Temporal version 1.29.2.
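The namespace mix-up from the description, reduced to an added Go example that is not Temporal's code: the flawed validator reads policy from the embedded request, while the hardened one rejects a mismatch and uses the authorized namespace. The struct shapes, the tenant names, the ID-length limit and the mismatch check are assumptions made for illustration, not the project's actual fix.

```go
package main

import (
	"errors"
	"fmt"
)

// Hypothetical, simplified stand-ins for the request types named in the advisory.
type StartWorkflowExecutionRequest struct{ Namespace, WorkflowID string }

type ExecuteMultiOperationRequest struct {
	Namespace string // namespace the caller was authorized for
	Start     *StartWorkflowExecutionRequest
}

// Constructed per-namespace policy (assumption): maximum workflow ID length.
var maxIDLength = map[string]int{"tenant-a": 8, "tenant-b": 64}

var (
	errMismatch = errors.New("embedded namespace differs from authorized namespace")
	errTooLong  = errors.New("workflow ID exceeds namespace limit")
)

func checkLimit(ns, id string) error {
	if len(id) > maxIDLength[ns] { // an unknown namespace yields a limit of 0
		return errTooLong
	}
	return nil
}

// validateFlawed shows the described defect: policy is looked up by the embedded namespace.
func validateFlawed(r *ExecuteMultiOperationRequest) error {
	return checkLimit(r.Start.Namespace, r.Start.WorkflowID)
}

// validateHardened rejects a mismatch, then applies the authorized namespace's policy.
func validateHardened(r *ExecuteMultiOperationRequest) error {
	if r.Start.Namespace != "" && r.Start.Namespace != r.Namespace {
		return errMismatch
	}
	return checkLimit(r.Namespace, r.Start.WorkflowID)
}

func main() {
	// Constructed request: authorized for tenant-a, embedded request names tenant-b.
	r := &ExecuteMultiOperationRequest{Namespace: "tenant-a", Start: &StartWorkflowExecutionRequest{"tenant-b", "a-long-workflow-id"}}
	fmt.Println("flawed:", validateFlawed(r))
	fmt.Println("hardened:", validateHardened(r))
}
```

A regression test for an upgraded deployment can follow the same shape: a request whose embedded namespace differs from the outer one must never be validated against the embedded namespace's limits.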
Fix
Incorrect Authorization
Affected Products
Temporal