Audit finding B4 — actual bug, LOW-MEDIUM.
Cron check-in durations are computed as currentTimeMillis() - start (wall clock):
sentry/src/main/java/io/sentry/util/CheckInUtils.java:64- Same pattern in
SentryCheckInAdvice across sentry-spring, sentry-spring-jakarta, and sentry-spring-7.
Cron jobs run long, giving wide exposure to wall-clock steps over the measured interval → wrong or negative durations reported.
Source: JAVA-557 §B4.
Audit finding B4 — actual bug, LOW-MEDIUM.
Cron check-in durations are computed as
currentTimeMillis() - start(wall clock):sentry/src/main/java/io/sentry/util/CheckInUtils.java:64SentryCheckInAdviceacrosssentry-spring,sentry-spring-jakarta, andsentry-spring-7.Cron jobs run long, giving wide exposure to wall-clock steps over the measured interval → wrong or negative durations reported.
Source: JAVA-557 §B4.