VulnerableCode Package Details - pkg:maven/io.undertow/undertow-core@2.3.20.Final

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-ns3p-22xg-q3bz	Undertow MadeYouReset HTTP/2 DDoS Vulnerability A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts. While not a protocol bug, this highlights a common implementation weakness that can be exploited to cause a denial of service (DoS).	CVE-2025-9784 GHSA-95h4-w6j8-2rp8

Vulnerability

Summary

Aliases

VCID-ns3p-22xg-q3bz

Undertow MadeYouReset HTTP/2 DDoS Vulnerability A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts. While not a protocol bug, this highlights a common implementation weakness that can be exploited to cause a denial of service (DoS).

CVE-2025-9784
GHSA-95h4-w6j8-2rp8

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T23:39:47.618115+00:00	GitLab Importer	Fixing	VCID-ns3p-22xg-q3bz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2025-9784.yml	38.4.0
2026-04-12T01:00:31.879025+00:00	GitLab Importer	Fixing	VCID-ns3p-22xg-q3bz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2025-9784.yml	38.3.0
2026-04-07T04:58:39.655327+00:00	GHSA Importer	Fixing	VCID-ns3p-22xg-q3bz	https://github.com/advisories/GHSA-95h4-w6j8-2rp8	38.1.0
2026-04-03T01:08:43.585978+00:00	GitLab Importer	Fixing	VCID-ns3p-22xg-q3bz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2025-9784.yml	38.1.0
2026-04-02T12:42:06.382832+00:00	GitLab Importer	Fixing	VCID-ns3p-22xg-q3bz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.undertow/undertow-core/CVE-2025-9784.yml	38.0.0
2026-04-01T12:55:03.009563+00:00	GithubOSV Importer	Fixing	VCID-ns3p-22xg-q3bz	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/09/GHSA-95h4-w6j8-2rp8/GHSA-95h4-w6j8-2rp8.json	38.0.0