指标监控 on 办公AI智能小助手 https://blog.qife122.com/tags/%E6%8C%87%E6%A0%87%E7%9B%91%E6%8E%A7/ Recent content in 指标监控 on 办公AI智能小助手 Hugo zh-cn qife Sun, 11 Jan 2026 06:13:27 +0800 警惕!未净化的指标名称与标签可能导致指标导出被劫持 https://blog.qife122.com/p/%E8%AD%A6%E6%83%95%E6%9C%AA%E5%87%80%E5%8C%96%E7%9A%84%E6%8C%87%E6%A0%87%E5%90%8D%E7%A7%B0%E4%B8%8E%E6%A0%87%E7%AD%BE%E5%8F%AF%E8%83%BD%E5%AF%BC%E8%87%B4%E6%8C%87%E6%A0%87%E5%AF%BC%E5%87%BA%E8%A2%AB%E5%8A%AB%E6%8C%81/ Sun, 11 Jan 2026 06:13:27 +0800 https://blog.qife122.com/p/%E8%AD%A6%E6%83%95%E6%9C%AA%E5%87%80%E5%8C%96%E7%9A%84%E6%8C%87%E6%A0%87%E5%90%8D%E7%A7%B0%E4%B8%8E%E6%A0%87%E7%AD%BE%E5%8F%AF%E8%83%BD%E5%AF%BC%E8%87%B4%E6%8C%87%E6%A0%87%E5%AF%BC%E5%87%BA%E8%A2%AB%E5%8A%AB%E6%8C%81/ <h2 id="漏洞详情">漏洞详情</h2> <p><strong>CVE-2024-28867</strong> 是一个存在于 <code>swift-server/swift-prometheus</code> 库中的中等严重性漏洞。</p> <h3 id="影响">影响</h3> <p>在将未净化的字符串值直接用作指标名称或标签的代码中,例如:</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span><span class="lnt">5 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-swift" data-lang="swift"><span class="line"><span class="cl"><span class="kd">let</span> <span class="nv">lang</span> <span class="p">=</span> <span class="k">try</span><span class="p">?</span> <span class="n">request</span><span class="p">.</span><span class="n">query</span><span class="p">.</span><span class="kr">get</span><span class="p">(</span><span class="nb">String</span><span class="p">.</span><span class="kc">self</span><span class="p">,</span> <span class="n">at</span><span class="p">:</span> <span class="s">&#34;lang&#34;</span><span class="p">)</span> </span></span><span class="line"><span class="cl"><span class="n">Counter</span><span class="p">(</span> </span></span><span class="line"><span class="cl"> <span class="n">label</span><span class="p">:</span> <span class="s">&#34;language&#34;</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="n">dimensions</span><span class="p">:</span> <span class="p">[(</span><span class="s">&#34;lang&#34;</span><span class="p">,</span> <span class="n">lang</span> <span class="p">??</span> <span class="s">&#34;unknown&#34;</span><span class="p">)]</span> </span></span><span class="line"><span class="cl"><span class="p">)</span> </span></span></code></pre></td></tr></table> </div> </div><p>攻击者可以利用此漏洞,通过发送包含换行符、<code>}</code> 或类似字符的查询参数(如 <code>?lang</code>),来劫持导出的指标格式。这可能导致攻击者无限制地创建存储的指标、使服务器内存使用量膨胀,或产生“虚假”指标。</p> 警惕未净化指标名称或标签的注入风险:CVE-2024-28867漏洞深度解析 https://blog.qife122.com/p/%E8%AD%A6%E6%83%95%E6%9C%AA%E5%87%80%E5%8C%96%E6%8C%87%E6%A0%87%E5%90%8D%E7%A7%B0%E6%88%96%E6%A0%87%E7%AD%BE%E7%9A%84%E6%B3%A8%E5%85%A5%E9%A3%8E%E9%99%A9cve-2024-28867%E6%BC%8F%E6%B4%9E%E6%B7%B1%E5%BA%A6%E8%A7%A3%E6%9E%90/ Wed, 03 Dec 2025 19:29:27 +0800 https://blog.qife122.com/p/%E8%AD%A6%E6%83%95%E6%9C%AA%E5%87%80%E5%8C%96%E6%8C%87%E6%A0%87%E5%90%8D%E7%A7%B0%E6%88%96%E6%A0%87%E7%AD%BE%E7%9A%84%E6%B3%A8%E5%85%A5%E9%A3%8E%E9%99%A9cve-2024-28867%E6%BC%8F%E6%B4%9E%E6%B7%B1%E5%BA%A6%E8%A7%A3%E6%9E%90/ <h1 id="未净化的指标名称或标签可用于接管导出的指标--cve-2024-28867">未净化的指标名称或标签可用于接管导出的指标 · CVE-2024-28867</h1> <p><strong>影响</strong> 在将未净化的字符串值应用于指标名称或标签的代码中,例如:</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span><span class="lnt">3 </span><span class="lnt">4 </span><span class="lnt">5 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-swift" data-lang="swift"><span class="line"><span class="cl"><span class="kd">let</span> <span class="nv">lang</span> <span class="p">=</span> <span class="k">try</span><span class="p">?</span> <span class="n">request</span><span class="p">.</span><span class="n">query</span><span class="p">.</span><span class="kr">get</span><span class="p">(</span><span class="nb">String</span><span class="p">.</span><span class="kc">self</span><span class="p">,</span> <span class="n">at</span><span class="p">:</span> <span class="s">&#34;lang&#34;</span><span class="p">)</span> </span></span><span class="line"><span class="cl"><span class="n">Counter</span><span class="p">(</span> </span></span><span class="line"><span class="cl"> <span class="n">label</span><span class="p">:</span> <span class="s">&#34;language&#34;</span><span class="p">,</span> </span></span><span class="line"><span class="cl"> <span class="n">dimensions</span><span class="p">:</span> <span class="p">[(</span><span class="s">&#34;lang&#34;</span><span class="p">,</span> <span class="n">lang</span> <span class="p">??</span> <span class="s">&#34;unknown&#34;</span> <span class="p">)]</span> </span></span><span class="line"><span class="cl"><span class="p">)</span> </span></span></code></pre></td></tr></table> </div> </div><p>攻击者可以利用这一点,发送包含换行符、<code>}</code> 或类似字符的 <code>?lang</code> 查询参数,这可能导致攻击者接管导出的格式——包括创建无限数量的存储指标、增加服务器内存使用量或产生“虚假”指标。</p>