CNNVD-202510-2560 Information

CNNVD ID

CNNVD-202510-2560

Related CVE

CVE-2025-11677

• CNNVD Published: 2025-10-20

Description (Chinese)

Libwebsockets是lws-team开源的一个规范的 libwebsockets 网络库。 Libwebsockets存在资源管理错误漏洞，该漏洞源于WebSocket服务器实现中存在释放后重用问题，可能导致拒绝服务攻击。

Description (English)

Libwebsockets is the libwebsockets repository of a norm open source of lws-team. Libwebsockets had an error in resource management, which stemmed from the release and reuse problems of the WebSocket server, which could lead to a denial of service attacks.

Hazard Level

Critical

Vulnerability Type

资源管理错误

Affected Vendor

lws-team

Published

2025-10-20

Last Modified

2026-02-24

References

https://libwebsockets.org/git/libwebsockets/commit?id=2f082ec31261f556969160143ba94875d783971a https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-11677 https://access.redhat.com/security/cve/cve-2025-11677

Patch

https://libwebsockets.org/git/libwebsockets/commit?id=2f082ec31261f556969160143ba94875d783971a