PT-2026-55741 · Unknown · Hdrhistogram

Sara11H

·

Published

2026-07-04

·

Updated

2026-07-04

·

CVE-2026-14683

CVSS v3.1

3.3

Low

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Name of the Vulnerable Software and Affected Versions HdrHistogram versions prior to 2.2.3
Description An issue exists in the decodeFromCompressedByteBuffer() function within the org.HdrHistogram.AbstractHistogram class. Local manipulation of the lengthOfCompressedContents argument can lead to uncontrolled memory allocation.
Recommendations Update HdrHistogram to a version newer than 2.2.2. As a temporary mitigation, restrict local access to the decodeFromCompressedByteBuffer() function.

Exploit

Fix

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-14683

Affected Products

Hdrhistogram