| عنوان | HdrHistogram 2.2.2 and earlier Improper Input Validation |
|---|
| الوصف | The public method recordValueWithCount(long value, long count) in AbstractHistogram does not validate that the count parameter is positive. Passing negative values corrupts the histogram's internal state, including totalCount and individual bucket values. This allows an attacker who can influence the count parameter (e.g., through a metrics API or agent data receiver) to manipulate monitoring data, suppress SLA violations, or cause incorrect alerting decisions. |
|---|
| المصدر | ⚠️ https://github.com/HdrHistogram/HdrHistogram/issues/221 |
|---|
| المستخدم | sara11h (UID 98571) |
|---|
| ارسال | 03/06/2026 09:50 AM (1 شهر منذ) |
|---|
| الاعتدال | 04/07/2026 06:40 AM (1 month later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 376281 [HdrHistogram حتى 2.2.2 AbstractHistogram AbstractHistogram.java recordValueWithCount عدد تجاوز الصلاحيات] |
|---|
| النقاط | 20 |
|---|