Server-Side Stream Reset Flaw in Undertow by Red Hat
CVE-2025-9784

7.5HIGH

Key Information:

Vendor: Red Hat
Status: Red Hat Build Of Apache Camel For Spring Boot 4; Red Hat Build Of Apache Camel - Hawtio 4; Red Hat Data Grid 8; Red Hat Enterprise Linux 10
Vendor: CVE Published:; 2 September 2025

What is CVE-2025-9784?

A vulnerability exists in Undertow that allows malformed client requests to induce server-side stream resets, externalizing server management. This exploitation can lead to a denial of service (DoS) scenario by overwhelming server resources with continuous stream aborts, thereby affecting overall service availability. This issue accentuates the risks posed by common implementation weaknesses present in server-client architectures.

References

https://access.redhat.com/security/cve/CVE-2025-9784

vdb-entryx_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=2392306

issue-trackingx_refsource_REDHAT

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 2, 2025
Vulnerability Reserved
Sep 1, 2025