CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-9784

A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts. While not a protocol bug, this highlights a common implementation weakness that can be exploited to cause a denial of service (DoS).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.4%

CVSS Severity

CVSS v3 Score 7.5

References

Products affected by CVE-2025-9784

Redhat » Build Of Apache Camel For Spring Boot » Version: N/A

cpe:2.3:a:redhat:build_of_apache_camel_for_spring_boot:-
Redhat » Fuse » Version: 7.0.0

cpe:2.3:a:redhat:fuse:7.0.0
Redhat » Jboss Enterprise Application Platform » Version: 7.0.0

cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0
Redhat » Jboss Enterprise Application Platform » Version: 8.0.0

cpe:2.3:a:redhat:jboss_enterprise_application_platform:8.0.0
Redhat » Jboss Enterprise Application Platform Expansion Pack » Version: N/A

cpe:2.3:a:redhat:jboss_enterprise_application_platform_expansion_pack:-
Redhat » Process Automation » Version: 7.0

cpe:2.3:a:redhat:process_automation:7.0
Redhat » Single Sign-On » Version: 7.0

cpe:2.3:a:redhat:single_sign-on:7.0
Redhat » Undertow » Version: N/A

cpe:2.3:a:redhat:undertow:-
Redhat » Enterprise Linux » Version: 8.0

cpe:2.3:o:redhat:enterprise_linux:8.0
Redhat » Enterprise Linux » Version: 9.0

cpe:2.3:o:redhat:enterprise_linux:9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-9784

Products

Pricing

Contact Us