| Название | HdrHistogram 2.2.2 and earlier Improper Input Validation |
|---|
| Описание | The public method recordValueWithCount(long value, long count) in AbstractHistogram does not validate that the count parameter is positive. Passing negative values corrupts the histogram's internal state, including totalCount and individual bucket values. This allows an attacker who can influence the count parameter (e.g., through a metrics API or agent data receiver) to manipulate monitoring data, suppress SLA violations, or cause incorrect alerting decisions. |
|---|
| Источник | ⚠️ https://github.com/HdrHistogram/HdrHistogram/issues/221 |
|---|
| Пользователь | sara11h (UID 98571) |
|---|
| Представление | 03.06.2026 09:50 (1 месяц назад) |
|---|
| Модерация | 04.07.2026 06:40 (1 month later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 376281 [HdrHistogram до 2.2.2 AbstractHistogram AbstractHistogram.java recordValueWithCount Количество эскалация привилегий] |
|---|
| Баллы | 20 |
|---|