No advisories yet.
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Sat, 04 Jul 2026 23:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A flaw has been found in HdrHistogram up to 2.2.2. This affects the function org.HdrHistogram.AbstractHistogram.decodeFromByteBuffer of the file src/main/java/org/HdrHistogram/AbstractHistogram.java. This manipulation of the argument numberOfSignificantValueDigits causes uncontrolled memory allocation. The attack can only be executed locally. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet. | |
| Title | HdrHistogram AbstractHistogram.java memory allocation | |
| First Time appeared |
Hdrhistogram
Hdrhistogram hdrhistogram |
|
| Weaknesses | CWE-400 CWE-789 |
|
| CPEs | cpe:2.3:a:hdrhistogram:hdrhistogram:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Hdrhistogram
Hdrhistogram hdrhistogram |
|
| References |
| |
| Metrics |
cvssV2_0
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-07-04T23:30:10.875Z
Reserved: 2026-07-04T04:39:58.430Z
Link: CVE-2026-14684
No data.
No data.
No data.
OpenCVE Enrichment
No data.