Improper resource allocation - Buffer overflow
Description
Within the code there are unsafe statements that can affect the performance and response time of the application. See https://rules.sonarsource.com/java/RSPEC-1149?search=stringbuffer for more information.
Impact
Affect application performance.
Recommendation
Use the libraries that allow to execute the functions of concatenation and storage in collections in an optimized way (ArrayList and StringBuilder or SyncronizedList).
Threat
Attacker with access to the application.
Expected Remediation Time
⏱️ 30 minutes.
Requirements
072 - Set maximum response time158 - Use a secure programming language164 - Use optimized structures173 - Discard unsafe inputsFixes
Score
Default score using CVSS 4.0. It may change depending on the context of the src.
Base 4.0
Attack vector
A
Attack complexity
H
Attack requirements
N
Privileges required
L
User interaction
N
Confidentiality (VC)
N
Integrity (VI)
N
Availability (VA)
L
Confidentiality (SC)
N
Integrity (SI)
N
Availability (SA)
N
Threat 4.0
Exploit maturity
P
Vector string
CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P