All intelligence
// vulnerability record
live · NVDCVE-2025-2240
HIGHpublished 2025-03-12 15:15 UTC · 1 year ago · modified 2026-06-17 09:06 UTC
7.5
CVSS / 10
// description
A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory (OOM) issue. This vulnerability is externally triggered when calling the metrics URI. Every call creates a new object within meterMap and may lead to a denial of service (DoS) issue.
// cvss 3.1 vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
// weaknesses (CWE)
- CWE-1325