The ByteRange.parse() method in io.undertow.util.ByteRange incorrectly accepts suffix-range specifications with zero suffix-length (e.g., bytes=-0), which violates RFC 9110.

•  https://www.rfc-editor.org/rfc/rfc9110.html#name-byte-ranges

• https://github.com/undertow-io/undertow/blob/main/core/src/main/java/io/undertow/util/ByteRange.java#L88

```

For a GET request, a valid bytes range-spec is satisfiable if it is either:

• an int-range with a first-pos that is less than the current length of the selected representation or
• a suffix-range with a non-zero suffix-length"

```

This leads to -0 being accepted as a valid range and us returning content of range length 0 and size 0 as we skip the check here -

• https://github.com/undertow-io/undertow/blob/main/core/src/main/java/io/undertow/util/ByteRange.java#L150-L156