CVE-2025-9784

⚠️ high

Summary

A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts. While not a protocol bug, this highlights a common implementation weakness that can be exploited to cause a denial of service (DoS).

CVSS Score

7.5

High

EPSS Score

0.4

Exploit Probability

Published Date

2025-09-02

First Seen: 2026-01-05

Last Modified 2026-01-08

Source NVD 🔗

CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE IDs (Weakness Types)

CWE-770 CWE-404

🔗 References 11

https://access.redhat.com/errata/RHSA-2025:23143

https://access.redhat.com/errata/RHSA-2026:0383

https://access.redhat.com/errata/RHSA-2026:0384

https://access.redhat.com/errata/RHSA-2026:0386

https://access.redhat.com/security/cve/CVE-2025-9784

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=2392306

Issue Tracking

https://github.com/undertow-io/undertow/pull/1778

https://github.com/undertow-io/undertow/releases/tag...

https://issues.redhat.com/browse/UNDERTOW-2598

https://kb.cert.org/vuls/id/767506

https://www.kb.cert.org/vuls/id/767506

📦 Affected Products 10

Vendor	Product	Status	Affected Versions
redhat	enterprise_linux	Affected	v8.0
redhat	enterprise_linux	Affected	v9.0
redhat	jboss_enterprise_application_platform	Affected	v7.0.0
redhat	jboss_enterprise_application_platform	Affected	v8.0.0
redhat	undertow	Affected	v-
redhat	single_sign-on	Affected	v7.0
redhat	process_automation	Affected	v7.0
redhat	fuse	Affected	v7.0.0
redhat	jboss_enterprise_application_platform_expansion_pack	Affected	v-
redhat	build_of_apache_camel_for_spring_boot	Affected	v-

🔗 Related CVEs 6

CVE ID	Severity	CVSS	EPSS	Summary	Published
CVE-2025-14512	🔶 medium	6.5	0.1	A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer ov...	2025-12-11
CVE-2025-14087	🔶 medium	5.6	0.3	A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a...	2025-12-10
CVE-2025-8283	ℹ️ low	3.7	0.0	A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman se...	2025-07-28
CVE-2025-7519	🔶 medium	6.7	0.0	A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds wri...	2025-07-14
CVE-2025-32988	🔶 medium	6.5	0.1	A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the expo...	2025-07-10
CVE-2025-32989	🔶 medium	5.3	0.1	A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Cert...	2025-07-10

These CVEs affect the same products