CVE-2025-13837
MEDIUM WAF: Medium
CVSS 5.5
Published: 2025-12-01
CWE-400
When loading a plist file, the plistlib module reads data in the size specified by the file itself, meaning a malicious file can cause out-of-memory (OOM) and denial-of-service (DoS) issues.
WAF Coverage Analysis
Uncontrolled Resource Consumption
Medium WAF Coverage
OWASP: A05:2021 Security Misconfiguration
912xxx - DOS Protection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| python | python | up to 3.13.10 |
| python | python | 3.14.0 - 3.14.1 |
| python | python | 3.15.0 |