Skip to main content
CVE-2023-3485 LOW PATCH Monitor

Insecure defaults in open-source Temporal Server before version 1.20 on all platforms allows an attacker to craft a task token with access to a namespace other than the one specified in the request. Rated low severity (CVSS 3.6). No vendor patch available.

Authentication Bypass Temporal
NVD GitHub
CVSS 3.1
3.6
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy