No advisories yet.
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Sat, 04 Jul 2026 23:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability was detected in HdrHistogram up to 2.2.2. Affected by this issue is the function org.HdrHistogram.AbstractHistogram.decodeFromCompressedByteBuffer of the file src/main/java/org/HdrHistogram/AbstractHistogram.java. The manipulation of the argument lengthOfCompressedContents results in uncontrolled memory allocation. The attack needs to be approached locally. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet. | |
| Title | HdrHistogram AbstractHistogram.java memory allocation | |
| First Time appeared |
Hdrhistogram
Hdrhistogram hdrhistogram |
|
| Weaknesses | CWE-400 CWE-789 |
|
| CPEs | cpe:2.3:a:hdrhistogram:hdrhistogram:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Hdrhistogram
Hdrhistogram hdrhistogram |
|
| References |
| |
| Metrics |
cvssV2_0
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-07-04T23:00:10.759Z
Reserved: 2026-07-04T04:39:55.742Z
Link: CVE-2026-14683
No data.
No data.
No data.
OpenCVE Enrichment
No data.