« List of all CVEs

CVE-2025-13837

Out-of-memory when loading Plist

Published: 12/1/2025 Last updated: 1/7/2026 Reserved: 12/1/2025

When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues

CNA assigner: PSF (28c92f92-d60d-412d-b760-e73465c3df22) Requested by: n/a

Metrics

Version Score Severity Vector String
4.0 2.1 Low CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:L/SA:N

Opam packages affected (7)

conf-python-2-7 conf-python-2-7-dev conf-python-3 conf-python-3-7 conf-python-3-dev py termbox

Products affected (1)

Product Vendor Version
CPython Python Software Foundation <= 5.16.*

References (14)