Nixpkgs security tracker

Login with GitHub

Suggestions search

Dismissed
Filter by:
With package: tempo

Found 1 matching suggestions

View:
Compact
Detailed
Dismissed
(not in Nixpkgs)
Permalink CVE-2026-21728
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV):
  • Attack complexity (AC):
  • Privileges required (PR):
  • User interaction (UI):
  • Scope (S):
  • Confidentiality impact (C):
  • Integrity impact (I):
  • Availability impact (A):
updated 1 week ago by @LeSuisse Activity log
  • Created suggestion 1 week, 2 days ago
  • @LeSuisse dismissed (not in Nixpkgs) 1 week ago
Tempo query limit results in unbounded memory allocation

Tempo queries with large limits can cause large memory allocations which can impact the availability of the service, depending on its deployment strategy. Mitigation can be done by setting max_result_limit in the search config, e.g. to 262144 (2^18).

Affected products

Tempo
  • <v2.11.0

Matching in nixpkgs

pkgs.tempo

High volume, minimal dependency trace storage

pkgs.temporal

Microservice orchestration platform which enables developers to build scalable applications without sacrificing productivity or reliability

pkgs.tempora_lgc

Tempora font

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small
  • nixos-25.11 -
    • nixos-25.11-small
    • nixpkgs-25.11-darwin

pkgs.temporal-cli

Command-line interface for running Temporal Server and interacting with Workflows, Activities, Namespaces, and other parts of Temporal

pkgs.gnomeExtensions.tempomate

Effortless time tracking in Jira Tempo timesheets!

  • nixos-unstable 17
    • nixpkgs-unstable 17
    • nixos-unstable-small 17
  • nixos-25.11 17
    • nixos-25.11-small 17
    • nixpkgs-25.11-darwin 17

Package maintainers