ГлавнаяУязвимости → CVE-2026-21728
7.5высокая

CVE-2026-21728

Описание

Tempo queries with large limits can cause large memory allocations which can impact the availability of the service, depending on its deployment strategy. Mitigation can be done by setting max_result_limit in the search config, e.g. to 262144 (2^18). Alternatively, automatically restart the service.

Затрагиваемое ПО
Grafana Tempo
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Источники
https://grafana.com/security/security-advisories/cve-2026-21728https://access.redhat.com/errata/RHSA-2026:21769https://access.redhat.com/errata/RHSA-2026:22347https://access.redhat.com/errata/RHSA-2026:22423https://access.redhat.com/errata/RHSA-2026:23345https://access.redhat.com/errata/RHSA-2026:24503https://access.redhat.com/security/cve/CVE-2026-21728https://bugzilla.redhat.com/show_bug.cgi?id=2461395