VulnerableCode Package Details - pkg:maven/io.undertow/undertow-core@2.3.19.Final

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/io.undertow/undertow-core@2.3.19.Final

purl	pkg:maven/io.undertow/undertow-core@2.3.19.Final

Next non-vulnerable version	2.3.20.Final
Latest non-vulnerable version	2.4.0.Beta1
Risk	4.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-ns3p-22xg-q3bz Aliases: CVE-2025-9784 GHSA-95h4-w6j8-2rp8	Undertow MadeYouReset HTTP/2 DDoS Vulnerability A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts. While not a protocol bug, this highlights a common implementation weakness that can be exploited to cause a denial of service (DoS).	2.3.20.Final Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T23:39:47.614961+00:00	GitLab Importer	Affected by	VCID-ns3p-22xg-q3bz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2025-9784.yml	38.4.0
2026-04-12T01:00:31.875485+00:00	GitLab Importer	Affected by	VCID-ns3p-22xg-q3bz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2025-9784.yml	38.3.0
2026-04-03T01:08:43.582666+00:00	GitLab Importer	Affected by	VCID-ns3p-22xg-q3bz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2025-9784.yml	38.1.0