Soumettre #846761: HdrHistogram 2.2.2 and earlier Improper Input Validationinformation

TitreHdrHistogram 2.2.2 and earlier Improper Input Validation
DescriptionThe public method recordValueWithCount(long value, long count) in AbstractHistogram does not validate that the count parameter is positive. Passing negative values corrupts the histogram's internal state, including totalCount and individual bucket values. This allows an attacker who can influence the count parameter (e.g., through a metrics API or agent data receiver) to manipulate monitoring data, suppress SLA violations, or cause incorrect alerting decisions.
La source⚠️ https://github.com/HdrHistogram/HdrHistogram/issues/221
Utilisateur
 sara11h (UID 98571)
Soumission03/06/2026 09:50 (il y a 1 mois)
Modérer04/07/2026 06:40 (1 month later)
StatutAccepté
Entrée VulDB376281 [HdrHistogram jusqu’à 2.2.2 AbstractHistogram AbstractHistogram.java recordValueWithCount Nombre élévation de privilèges]
Points20

Do you want to use VulDB in your project?

Use the official API to access entries easily!