CVE-2025-12543

Aliases:GHSA-j382-5jj3-vw4j

Advisory lineage Upstream: 0 Downstream: 10

Downstream

DEBIAN-CVE-2025-12543 RHSA-2026:0383 RHSA-2026:0384 RHSA-2026:3889 RHSA-2026:3891 RHSA-2026:4915

Modified

Published: 07 Jan 2026, 16:04

Last modified:06 May 2026, 14:33

Vulnerability Summary

Overall Risk (default)

high

70/100

CVSS Score

9.6 CRITICAL

v3.1 (cve.org)

EPSS Score

0.05% LOW

0% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

07 Jan 2026, 16:04

Published

Vulnerability first disclosed

06 May 2026, 14:33

Last Modified

Vulnerability information updated

Description

A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests.As a result, requests containing malformed or malicious Host headers are processed without rejection, enabling attackers to poison caches, perform internal network scans, or hijack user sessions.

CVSS Metrics

v3.1•CRITICAL•Score: 9.6CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L
v3.1•CRITICAL•Score: 9.6CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

EPSS Trends

Current EPSS score: 0.05%• Percentile: 16%

Techniques & Countermeasures

CWE-20•Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Affected Systems

io.undertow•undertow-core
< 2.3.21.Final | ≥ 2.3.0.Alpha1, < 2.3.21.Final | < 2.2.39.Final
redhat•build_of_apache_camel
< 4.14.4
redhat•data_grid
8.0
redhat•fuse
7.0.0
redhat•jboss_enterprise_application_platform
≥ 8.0, < 8.0.12 | ≥ 8.1.0, < 8.1.3 | na | 7.0.0
redhat•jboss_enterprise_application_platform_expansion_pack
na
redhat•process_automation
7.0
redhat•single_sign-on
7.0
redhat•undertow
< 2.2.39 | ≥ 2.3.0, < 2.3.21