CVE-2025-5399 | cURL up to 8.14.0 WebSocket lib/ws.c curl_ws_send infinite loop (d1145df24de8f80e6b16)

A vulnerability classified as problematic was found in cURL up to 8.14.0. Affected by this vulnerability is the function curl_ws_send of the file lib/ws.c of the component WebSocket Handler. The manipulation leads to infinite loop.

This vulnerability is known as CVE-2025-5399. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More