Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2026/06/30 12:12 a.m.8 views

undertow: Undertow MadeYouReset HTTP/2 DDoS Vulnerability

A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts...

7.5CVSS5.7AI score0.0217EPSS
Exploits1References8
Veracode
Veracode
added 2025/09/30 6:53 a.m.8 views

Denial Of Service (DoS)

io.undertow, undertow-core is vulnerable to Denial of Service DoS. The vulnerability is due to malformed client requests triggering server-side stream resets without abuse counters, which allows an attacker to repeatedly cause stream aborts and induce excessive server workload...

7.5CVSS7AI score0.0217EPSS
Exploits1References26Affected Software1
NVD
NVD
added 2025/09/02 2:15 p.m.7 views

CVE-2025-9784

A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts...

7.5CVSS0.0217EPSS
Exploits1References20
Amazon
Amazon
added 2024/10/14 12:0 a.m.3 views

Medium: openssl

Issue Overview: Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers from the client side to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause...

7.5CVSS6.9AI score0.01083EPSS
Exploits0
Rows per page
Query Builder