CVE-2025-5399 – “Libcurl WebSocket DoS Vulnerability”

CVE ID : CVE-2025-5399

Published : June 7, 2025, 8:15 a.m. | 34 minutes ago

Description : Due to a mistake in libcurl’s WebSocket code, a malicious server can send a
particularly crafted packet which makes libcurl get trapped in an endless
busy-loop.

There is no other way for the application to escape or exit this loop other
than killing the thread/process.

This might be used to DoS libcurl-using application.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…