13 matches found
Security Bulletin: IBM Event Streams is vulnerable to a denial of service (CVE-2025-2240)
Summary: IBM Event Streams is vulnerable to a denial of service due to an out-of-memory condition in smallrye-fault-tolerance. Vulnerability Details: CVEID: CVE-2025-2240 DESCRIPTION: A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory (OOM) issue. This...
smallrye-fault-tolerance: SmallRye Fault Tolerance
A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory (OOM) issue. This vulnerability is externally triggered when calling the metrics URI. Every call creates a new object within meterMap and may lead to a denial of service (DoS) issue...
smallrye-fault-tolerance: SmallRye Fault Tolerance
A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory (OOM) issue. This vulnerability is externally triggered when calling the metrics URI. Every call creates a new object within meterMap and may lead to a denial of service (DoS) issue...
smallrye-fault-tolerance: SmallRye Fault Tolerance
A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory (OOM) issue. This vulnerability is externally triggered when calling the metrics URI. Every call creates a new object within meterMap and may lead to a denial of service (DoS) issue...
Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.15.4 release and security update
An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...
Out-of-Memory (OOM)
io.smallrye, smallrye-fault-tolerance-core is vulnerable to an out-of-memory (OOM) condition. The vulnerability is due to uncontrolled object creation in meterMap when calling the metrics URI, allowing an attacker to trigger excessive memory consumption and cause a denial of service (DoS) condition...
com.abavilla:fpi-bot-api (>=1.6.0 <=1.8.5), com.abavilla:fpi-bot-api-parent (>=1.6.0 <=1.8.5) +204 more potentially affected by CVE-2025-2240 via io.smallrye:smallrye-fault-tolerance-core (>=6.0.0-RC1 <=6.8.0)
io.smallrye:smallrye-fault-tolerance-core MAVEN version =6.0.0-RC1, =1.6.0, =1.6.0, =1.8.0, =1.8.0, =1.6.0, =1.6.0, =1.8.0, =1.8.0, =1.0.25, =1.0.25, =1.5.0, =1.5.0, =1.3.1, =1.3.1, =1.3.4, =1.3.13 and more Source cves: CVE-2025-2240 Source advisory: SNYK:JAVA-IOSMALLRYE-9460816...
com.qwlabs.doraemon:task-queue (>=0.3.38 <=0.3.54), hu.icellmobilsoft.reactive.messaging.redisstream:quarkus-reactive-messaging-redisstream-extension-sample (>=1.0.4 <=1.3.0) +34 more potentially affected by CVE-2025-2240 via io.smallrye:smallrye-fault-tolerance-core (>=6.5.0 <=6.8.0)
io.smallrye:smallrye-fault-tolerance-core MAVEN version =6.5.0, =0.3.38, =1.0.4, =0.38.0, =3.16.0, =3.20.0.CR1 and more Source cves: CVE-2025-2240 Source advisory: OSV:GHSA-GFH6-3PQW-X2J4 https://...
com.qwlabs.doraemon:task-queue (>=0.3.0 <=0.3.37), io.apicurio:apicurio-registry-app (>=3.0.4 <=3.0.6) +94 more potentially affected by CVE-2025-2240 via io.smallrye:smallrye-fault-tolerance-core (>=6.3.0 <=6.4.1)
io.smallrye:smallrye-fault-tolerance-core MAVEN version =6.3.0, =0.3.0, =3.0.4, =3.0.4, =3.0.4, =3.0.4, =0.34.0, =4.0.2, =4.0.2, =4.0.2, =3.10.0, =3.10.0, =6.3.0, =6.3.0, =6.3.0, =6.3.0, =6.4.1 and more Source cves: CVE-2025-2240 Source advisory:...
GHSA-GFH6-3PQW-X2J4 SmallRye Fault Tolerance out-of-memory (OOM) issue
A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory (OOM) issue. This vulnerability is externally triggered when calling the metrics URI. Every call creates a new object within meterMap and may lead to a denial of service (DoS) issue...
SmallRye Fault Tolerance out-of-memory (OOM) issue
A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory (OOM) issue. This vulnerability is externally triggered when calling the metrics URI. Every call creates a new object within meterMap and may lead to a denial of service (DoS) issue...
CVE-2025-2240 Smallrye-fault-tolerance: smallrye fault tolerance
A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory (OOM) issue. This vulnerability is externally triggered when calling the metrics URI. Every call creates a new object within meterMap and may lead to a denial of service (DoS) issue...
CVE-2025-2240 Smallrye-fault-tolerance: smallrye fault tolerance
A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory (OOM) issue. This vulnerability is externally triggered when calling the metrics URI. Every call creates a new object within meterMap and may lead to a denial of service (DoS) issue...