High severity7.5GHSA Advisory· Published Feb 26, 2025· Updated Apr 20, 2026
CVE-2025-1634
CVE-2025-1634
Description
A flaw was found in the quarkus-resteasy extension, which causes memory leaks when client requests with low timeouts are made. If a client request times out, a buffer is not released correctly, leading to increased memory usage and eventual application crash due to OutOfMemoryError.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
io.quarkus:quarkus-resteasyMaven | >= 3.16.0.CR1, < 3.19.1 | 3.19.1 |
io.quarkus:quarkus-resteasyMaven | >= 3.9.0.CR1, < 3.15.3.1 | 3.15.3.1 |
io.quarkus:quarkus-resteasyMaven | < 3.8.6.1 | 3.8.6.1 |
Affected products
8- osv-coords7 versionspkg:apk/chainguard/apicurio-registrypkg:apk/chainguard/apicurio-registry-nginx-configpkg:apk/chainguard/apicurio-registry-uipkg:apk/wolfi/apicurio-registrypkg:apk/wolfi/apicurio-registry-nginx-configpkg:apk/wolfi/apicurio-registry-uipkg:maven/io.quarkus/quarkus-resteasy
< 3.0.6-r2+ 6 more
- (no CPE)range: < 3.0.6-r2
- (no CPE)range: < 3.0.6-r2
- (no CPE)range: < 3.0.6-r2
- (no CPE)range: < 3.0.6-r2
- (no CPE)range: < 3.0.6-r2
- (no CPE)range: < 3.0.6-r2
- (no CPE)range: >= 3.16.0.CR1, < 3.19.1
Patches
Vulnerability mechanics
References
18- github.com/advisories/GHSA-4fwr-mh5q-hchhghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-1634ghsaADVISORY
- access.redhat.com/errata/RHSA-2025:12511nvdWEB
- access.redhat.com/errata/RHSA-2025:1884nvdWEB
- access.redhat.com/errata/RHSA-2025:1885nvdWEB
- access.redhat.com/errata/RHSA-2025:2067nvdWEB
- access.redhat.com/errata/RHSA-2025:23417nvdWEB
- access.redhat.com/errata/RHSA-2025:9922nvdWEB
- access.redhat.com/security/cve/CVE-2025-1634nvdWEB
- bugzilla.redhat.com/show_bug.cginvdWEB
- github.com/quarkusio/quarkus/commit/291296befabf659b71acbfc6e03a12bd09a920f8ghsaWEB
- github.com/quarkusio/quarkus/commit/30d949a4c54ba1057738849a804d2329c09e57beghsaWEB
- github.com/quarkusio/quarkus/commit/70ffbd00d71d43afa7eade32d6ed586cf927c237ghsaWEB
- github.com/quarkusio/quarkus/commit/80b8eb41678cdccb46e964dc324d048a5ef00f4bghsaWEB
- github.com/quarkusio/quarkus/issues/46412nvdWEB
- github.com/quarkusio/quarkus/pull/46419nvdWEB
- github.com/quarkusio/quarkus/pull/46425ghsaWEB
- github.com/quarkusio/quarkus/pull/46426ghsaWEB
News mentions
0No linked articles in our index yet.