PT-2025-48536 · Python+5

Serhiy Storchaka +1 · Published 2024-05-21 · Updated 2026-05-19 · CVE-2025-13837

CVSS v3.1: 5.5 Medium

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

python3.9
python3.11
python3.13

Description

The plistlib module does not properly validate the size of plist files during loading. A malicious plist file can specify a size that causes the module to attempt to allocate an excessive amount of memory, leading to an out-of-memory (OOM) condition and potential denial-of-service (DoS) issues.

Recommendations

For python3.9, avoid loading plist files from untrusted sources.
For python3.11, avoid loading plist files from untrusted sources.
For python3.13, avoid loading plist files from untrusted sources.

Fix

DoS

Resource Exhaustion

Weakness Enumeration

Related Identifiers

ALSA-2026:10950
ALSA-2026:19064
ALSA-2026:19177
AZL-71267
AZL-71275
BDU:2026-05126
BIT-LIBPYTHON-2025-13837
BIT-PYTHON-2025-13837
BIT-PYTHON-MIN-2025-13837
CVE-2025-13837
ECHO-8BC4-4724-22D3
MGASA-2025-0324
OESA-2026-1052
OESA-2026-1053
OESA-2026-1054
OESA-2026-1055
OESA-2026-1056
OESA-2026-1057
OPENSUSE-SU-2025:15839-1
OPENSUSE-SU-2025:15840-1
OPENSUSE-SU-2025:15846-1
OPENSUSE-SU-2025:15849-1
OPENSUSE-SU-2025:15850-1
OPENSUSE-SU-2025:15851-1
OPENSUSE-SU-2026:10011-1
OPENSUSE-SU-2026:20081-1
PSF-2025-15
RHSA-2026:10950
RHSA-2026:19064
RHSA-2026:19177
RHSA-2026:7443
RHSA-2026:7661
RHSA-2026:8822
RHSA-2026:8824
SUSE-SU-2025:4522-1
SUSE-SU-2025:4538-1
SUSE-SU-2025:4539-1
SUSE-SU-2026:0024-1
SUSE-SU-2026:0025-1
SUSE-SU-2026:0027-1
SUSE-SU-2026:0130-1
SUSE-SU-2026:0299-1
SUSE-SU-2026:0314-1
SUSE-SU-2026:1062-1
SUSE-SU-2026:1107-1
SUSE-SU-2026:1117-1
SUSE-SU-2026:1349-1
SUSE-SU-2026:20047-1
SUSE-SU-2026:20125-1
SUSE-SU-2026:20154-1
SUSE-SU-2026:20374-1
SUSE-SU-2026:20768-1
SUSE-SU-2026:20796-1
USN-8018-1

Affected Products

Debian
Linuxmint
Python
Red Os
Rocky Linux
Ubuntu