Primary

Context

Grafana Tempo Denial-of-Service Vulnerability Due to Large Memory Allocations

Vulnerability

A denial-of-service vulnerability has been identified in Grafana Tempo. When queries are made with large limits, they can cause significant memory allocations that impact the service's availability. This issue depends on the deployment strategy of the service. The vulnerability can be mitigated by setting a maximum result limit in the search configuration, such as 262,144.

Impact

Exploitation of this vulnerability can lead to increased memory usage, causing availability issues for the Grafana Tempo service.

Remediation

To address this vulnerability, set the max_result_limit parameter in the search configuration to a value such as 262,144.

Added: Apr 24, 2026, 9:18 AM

Updated: Apr 24, 2026, 9:18 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.6

remediation

0.0

relevance

6.6

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.6

remediation

0.0

relevance

6.6

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Grafana Tempo Denial-of-Service Vulnerability Due to Large Memory Allocations

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating