| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| io.smallrye:smallrye-fault-tolerance-core | maven | >= 6.3.0, < 6.4.2 | 6.4.2 |
| io.smallrye:smallrye-fault-tolerance-core | maven | >= 6.5.0, < 6.9.0 | 6.9.0 |

The vulnerability stemmed from metrics-related code paths that generated UUID-based identifiers when no description was provided. The key functions were:
These functions collectively caused meterMap to grow indefinitely when users created multiple unnamed Guard/TypedGuard instances. The commit fixed this by adding 'enabled' checks and skipping metrics emission when no description was set.
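
The growth pattern and the fix described above, as an added example that is a simplified model and not SmallRye Fault Tolerance code. Only the name meterMap comes from the advisory; the classes LeakyGuard and FixedGuard, their constructors and the description value are hypothetical.

```java
import java.util.Map;
import java.util.UUID;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.LongAdder;

// Simplified model of the leak; class and method names are hypothetical,
// only the name meterMap is taken from the advisory text.
public class MeterMapGrowthDemo {
    // Registry that lives as long as the application, like a metrics registry.
    static final Map<String, LongAdder> meterMap = new ConcurrentHashMap<>();

    // Pre-fix pattern: an unnamed guard gets a fresh UUID as its metrics key,
    // so every instance adds an entry that is never removed.
    static final class LeakyGuard {
        private final LongAdder calls;
        LeakyGuard(String description) {
            String id = description != null ? description : UUID.randomUUID().toString();
            calls = meterMap.computeIfAbsent(id, k -> new LongAdder());
        }
        void call() { calls.increment(); }
    }

    // Post-fix pattern as the advisory describes it: metrics are emitted only
    // when enabled and a description was set; otherwise nothing is registered.
    static final class FixedGuard {
        private final LongAdder calls; // null means "no metrics for this guard"
        FixedGuard(String description, boolean metricsEnabled) {
            calls = (metricsEnabled && description != null)
                    ? meterMap.computeIfAbsent(description, k -> new LongAdder())
                    : null;
        }
        void call() { if (calls != null) calls.increment(); }
    }

    public static void main(String[] args) {
        // Unnamed guards created per request or per loop iteration.
        for (int i = 0; i < 10_000; i++) new LeakyGuard(null).call();
        System.out.println("leaky, unnamed guards: " + meterMap.size() + " meters");

        meterMap.clear();
        for (int i = 0; i < 10_000; i++) new FixedGuard(null, true).call();
        // "payment-client" is a constructed description for illustration.
        for (int i = 0; i < 10_000; i++) new FixedGuard("payment-client", true).call();
        System.out.println("fixed guards: " + meterMap.size() + " meter(s)");
    }
}
```

In the leaky model the map size tracks the number of guard instances ever created, while in the fixed model it is bounded by the number of distinct descriptions.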