Security Bulletin: IBM Datapower Operations Dashboard could be vulnerable to an out-of-memory (OOM) issue CVE-2025-2240

Summary Smallrye is used by the IBM Datapower Operations Dashboard for repository hosting including build, CI, and release publishing setup Vulnerability Details CVEID:CVE-2025-2240 DESCRIPTION: A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory OOM...

CVE-2025-2240 vulnerabilities

Vulnerabilities for packages: wildfly, apicurio-registry...

CVE-2025-2240 vulnerabilities

Vulnerabilities for packages: wildfly, apicurio-registry...

CVE-2025-2240

creationtimestamp| type| source ---|---|--- 2025-03-12 17:01:11+00:00| seen| Telegram/MveSXve5Hx1iuO32dm7mrnWq9NYxtXsFLG2c04SagyG1F4 2025-03-19 07:49:36+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8033 2025-03-28 11:28:34+00:00| published-proof-of-concept|...

com.abavilla:fpi-bot-api (>=1.6.0 <=1.8.5), com.abavilla:fpi-bot-api-parent (>=1.6.0 <=1.8.5) +192 more potentially affected by CVE-2025-2240 via io.smallrye:smallrye-fault-tolerance-core (>=6.0.0-RC1 <=6.8.0)

io.smallrye:smallrye-fault-tolerance-core MAVEN version =6.0.0-RC1, =1.6.0, =1.6.0, =1.8.0, =1.8.0, =1.6.0, =1.6.0, =1.8.0, =1.8.0, =1.0.25, =1.0.25, =1.5.0, =1.5.0, =1.3.1, =1.3.1, =1.3.4, =1.3.13 and more Source cves: CVE-2025-2240 Source advisory: SNYK:JAVA-IOSMALLRYE-9460816...

com.qwlabs.doraemon:task-queue (>=0.3.0 <=0.3.37), io.apicurio:apicurio-registry-app (>=3.0.4 <=3.0.6) +93 more potentially affected by CVE-2025-2240 via io.smallrye:smallrye-fault-tolerance-core (>=6.3.0 <=6.4.1)

io.smallrye:smallrye-fault-tolerance-core MAVEN version =6.3.0, =0.3.0, =3.0.4, =3.0.4, =3.0.4, =3.0.4, =0.34.0, =4.0.2, =4.0.2, =4.0.2, =3.10.0, =3.10.0, =6.3.0, =6.3.0, =6.3.0, =6.3.0, =6.4.1 and more Source cves: CVE-2025-2240 Source advisory:...