Maven package
io.smallrye/smallrye-fault-tolerance-core
pkg:maven/io.smallrye/smallrye-fault-tolerance-core
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-2240 | Hig | 7.5 | >= 6.3.0, < 6.4.2 | 6.4.2 | Mar 12, 2025 | A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory (OOM) issue. This vulnerability is externally triggered when calling the metrics URI. Every call creates a new object within meterMap and may lead to a denial of service (DoS) issue. |
- affected >= 6.3.0, < 6.4.2fixed 6.4.2
A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory (OOM) issue. This vulnerability is externally triggered when calling the metrics URI. Every call creates a new object within meterMap and may lead to a denial of service (DoS) issue.