إرسال #846761: HdrHistogram 2.2.2 and earlier Improper Input Validationالمعلومات

عنوانHdrHistogram 2.2.2 and earlier Improper Input Validation
الوصفThe public method recordValueWithCount(long value, long count) in AbstractHistogram does not validate that the count parameter is positive. Passing negative values corrupts the histogram's internal state, including totalCount and individual bucket values. This allows an attacker who can influence the count parameter (e.g., through a metrics API or agent data receiver) to manipulate monitoring data, suppress SLA violations, or cause incorrect alerting decisions.
المصدر⚠️ https://github.com/HdrHistogram/HdrHistogram/issues/221
المستخدم
 sara11h (UID 98571)
ارسال03/06/2026 09:50 AM (1 شهر منذ)
الاعتدال04/07/2026 06:40 AM (1 month later)
الحالةتمت الموافقة
إدخال VulDB376281 [HdrHistogram حتى 2.2.2 AbstractHistogram AbstractHistogram.java recordValueWithCount عدد تجاوز الصلاحيات]
النقاط20

Want to stay up to date on a daily basis?

Enable the mail alert feature now!