Skip to main content

Ubuntu EUVDEUVD-2025-200069

| CVE-2025-13837 MEDIUM
Uncontrolled Resource Consumption (CWE-400)
2025-12-01 cna@python.org
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Ubuntu
MEDIUM
qualitative
SUSE
MEDIUM
qualitative
Red Hat
5.9 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

4
EUVD ID Assigned
Mar 15, 2026 - 13:34 euvd
EUVD-2025-200069
Analysis Generated
Mar 15, 2026 - 13:34 vuln.today
Patch released
Mar 15, 2026 - 13:34 nvd
Patch available
CVE Published
Dec 01, 2025 - 18:16 nvd
MEDIUM 5.5

DescriptionCVE.org

When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues

Analysis

When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues

Technical ContextAI

A denial of service vulnerability allows an attacker to disrupt the normal functioning of a system, making it unavailable to legitimate users. This vulnerability is classified as Uncontrolled Resource Consumption (CWE-400).

RemediationAI

A vendor patch is available — apply it immediately. Implement rate limiting and input validation. Use timeout mechanisms for resource-intensive operations. Deploy DDoS protection where applicable.

More in Python

View all
CVE-2025-24016 CRITICAL POC
9.9 Feb 10

Wazuh SIEM platform versions 4.4.0 through 4.9.0 contain an unsafe deserialization vulnerability in the DistributedAPI t

CVE-2025-27520 CRITICAL POC
9.8 Apr 04

BentoML version 1.4.2 and earlier contains an unauthenticated remote code execution vulnerability through insecure deser

CVE-2025-2945 CRITICAL POC
9.9 Apr 03

pgAdmin 4 contains critical remote code execution vulnerabilities in the Query Tool download and Cloud Deployment endpoi

CVE-2013-5093 MEDIUM POC
6.8 Sep 27

The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python

CVE-2025-32375 CRITICAL POC
9.8 Apr 09

BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Rated critica

CVE-2014-0224 HIGH POC
7.4 Jun 05

OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCiph

CVE-2024-21644 HIGH POC
7.5 Jan 08

pyLoad download manager version prior to 0.5.0b3.dev77 exposes the Flask SECRET_KEY through an unauthenticated endpoint.

CVE-2017-9462 HIGH POC
8.8 Jun 06

In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and conse

CVE-2026-39987 CRITICAL POC
9.3 Apr 08

Unauthenticated remote code execution in Marimo ≤0.20.4 allows attackers to execute arbitrary system commands via the `/

CVE-2024-21645 MEDIUM POC
5.3 Jan 08

pyLoad is the free and open-source Download Manager written in pure Python. Rated medium severity (CVSS 5.3), this vulne

CVE-2026-33017 CRITICAL POC
9.3 Mar 17

Langflow (a visual LLM pipeline builder) contains a critical unauthenticated code execution vulnerability (CVE-2026-3301

CVE-2026-55255 HIGH POC
8.4 Jun 19

Cross-user flow execution in Langflow (< 1.9.1) lets any authenticated API-key holder run another user's flow by passing

Vendor StatusVendor

Ubuntu

Priority: Medium
python2.7
Release Status Version
noble DNE -
plucky DNE -
questing DNE -
bionic ignored changes too intrusive
focal ignored changes too intrusive
jammy ignored changes too intrusive
trusty ignored changes too intrusive
xenial ignored changes too intrusive
upstream needs-triage -
python3.4
Release Status Version
jammy DNE -
noble DNE -
plucky DNE -
questing DNE -
upstream needs-triage -
trusty ignored changes too intrusive
python3.5
Release Status Version
jammy DNE -
noble DNE -
plucky DNE -
questing DNE -
upstream needs-triage -
trusty released 3.5.2-2ubuntu0~16.04.4~14.04.1+esm9
xenial released 3.5.2-2ubuntu0~16.04.13+esm21
python3.6
Release Status Version
jammy DNE -
noble DNE -
plucky DNE -
questing DNE -
upstream needs-triage -
bionic released 3.6.9-1~18.04ubuntu1.13+esm8
python3.7
Release Status Version
jammy DNE -
noble DNE -
plucky DNE -
questing DNE -
upstream needs-triage -
bionic released 3.7.5-2ubuntu1~18.04.2+esm9
python3.8
Release Status Version
jammy DNE -
noble DNE -
plucky DNE -
questing DNE -
upstream needs-triage -
bionic released 3.8.0-3ubuntu1~18.04.2+esm9
focal released 3.8.10-0ubuntu1~20.04.18+esm5
python3.9
Release Status Version
jammy DNE -
noble DNE -
plucky DNE -
questing DNE -
upstream needs-triage -
focal released 3.9.5-3ubuntu0~20.04.1+esm9
python3.10
Release Status Version
noble DNE -
plucky DNE -
questing DNE -
upstream needs-triage -
jammy released 3.10.12-1~22.04.14
python3.11
Release Status Version
noble DNE -
plucky DNE -
questing DNE -
upstream needs-triage -
jammy released 3.11.0~rc1-1~22.04.1~esm8
python3.12
Release Status Version
jammy DNE -
plucky DNE -
questing DNE -
upstream needs-triage -
noble released 3.12.3-1ubuntu0.11
python3.13
Release Status Version
jammy DNE -
noble DNE -
plucky ignored end of life, was needs-triage
upstream released 3.13.11-1
questing released 3.13.7-1ubuntu0.3
python3.14
Release Status Version
jammy DNE -
noble DNE -
plucky DNE -
upstream released 3.14.2-1
questing released 3.14.0-1ubuntu0.2

Debian

Bug #1126782
pypy3
Release Status Fixed Version Urgency
bullseye vulnerable 7.3.5+dfsg-2+deb11u2 -
bullseye (security) vulnerable 7.3.5+dfsg-2+deb11u5 -
bookworm vulnerable 7.3.11+dfsg-2+deb12u3 -
trixie vulnerable 7.3.19+dfsg-2 -
forky, sid vulnerable 7.3.20+dfsg-4 -
(unstable) fixed (unfixed) -
python3.11
Release Status Fixed Version Urgency
bookworm vulnerable 3.11.2-6+deb12u6 -
bookworm (security) vulnerable 3.11.2-6+deb12u3 -
(unstable) fixed (unfixed) -
python3.13
Release Status Fixed Version Urgency
trixie vulnerable 3.13.5-2 -
forky, sid fixed 3.13.12-1 -
(unstable) fixed 3.13.11-1 -
python3.14
Release Status Fixed Version Urgency
forky fixed 3.14.3-1 -
sid fixed 3.14.3-2 -
(unstable) fixed 3.14.2-1 -
python3.9
Release Status Fixed Version Urgency
bullseye fixed 3.9.2-1+deb11u4 -
bullseye (security) fixed 3.9.2-1+deb11u5 -
(unstable) fixed (unfixed) -

SUSE

Severity: Medium
Product Status
Container suse/manager/4.3/proxy-httpd:4.3.16.2.9.73.6 Container suse/manager/4.3/proxy-salt-broker:4.3.16.2.9.63.6 Container suse/manager/4.3/proxy-ssh:4.3.16.2.9.63.5 Container suse/manager/4.3/proxy-tftpd:4.3.16.2.9.63.5 Container suse/manager/5.0/x86_64/proxy-httpd:latest Container suse/manager/5.0/x86_64/proxy-salt-broker:latest Container suse/manager/5.0/x86_64/proxy-ssh:latest Container suse/manager/5.0/x86_64/proxy-tftpd:latest Container suse/multi-linux-manager/5.1/x86_64/proxy-httpd:5.1.2.8.15.2 Container suse/multi-linux-manager/5.1/x86_64/proxy-squid:5.1.2.8.13.1 Container suse/multi-linux-manager/5.1/x86_64/proxy-ssh:5.1.2.8.13.1 Container suse/multi-linux-manager/5.1/x86_64/proxy-tftpd:5.1.2.8.13.1 Image SLES15-SP4-Micro-5-3-BYOS Image SLES15-SP4-Micro-5-3-BYOS-Azure Image SLES15-SP4-Micro-5-4-BYOS Image SLES15-SP4-Micro-5-4-BYOS-Azure Image SLES15-SP5-Micro-5-5 Image SLES15-SP5-Micro-5-5-Azure Image SLES15-SP5-Micro-5-5-BYOS Image SLES15-SP5-Micro-5-5-BYOS-Azure Image SLES15-SP5-Micro-5-5-EC2 Image SLES15-SP6-CHOST-BYOS Image SLES15-SP6-CHOST-BYOS-Aliyun Image SLES15-SP6-CHOST-BYOS-Azure Image SLES15-SP6-CHOST-BYOS-EC2 Image SLES15-SP6-CHOST-BYOS-GDC Image SLES15-SP6-CHOST-BYOS-SAP-CCloud Image SLES15-SP7-CHOST-BYOS-Aliyun Image SLES15-SP7-CHOST-BYOS-Azure Image SLES15-SP7-CHOST-BYOS-EC2 Image SLES15-SP7-CHOST-BYOS-GDC Image SLES15-SP7-CHOST-BYOS-SAP-CCloud Image proxy-httpd-image Image proxy-squid-image Image proxy-ssh-image Image proxy-tftpd-image Affected
Container suse/manager/5.0/x86_64/server-migration-14-16:latest Container suse/multi-linux-manager/5.1/x86_64/server-migration-14-16:5.1.2.8.13.1 Container suse/sle-micro-rancher/5.2:latest Container suse/sle-micro/5.2/toolbox:14.2-7.11.218 Image SLES15-SP6-CHOST-BYOS-GCE Image SLES15-SP7-CHOST-BYOS-GCE Image server-database-migration-image Image server-migration-14-16-image Affected
Container suse/manager/5.0/x86_64/server:latest Image SLES15-SP4-BYOS-Azure Image SLES15-SP4-BYOS-GCE Image SLES15-SP4-HPC-BYOS-Azure Image SLES15-SP4-HPC-BYOS-GCE Image SLES15-SP4-HPC-GCE Image SLES15-SP4-Hardened-BYOS-Azure Image SLES15-SP4-Hardened-BYOS-GCE Image SLES15-SP4-Manager-Server-4-3-BYOS Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2 Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE Image SLES15-SP4-SAP-Azure Image SLES15-SP4-SAP-Azure-LI-BYOS Image SLES15-SP4-SAP-Azure-LI-BYOS-Production Image SLES15-SP4-SAP-Azure-VLI-BYOS Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production Image SLES15-SP4-SAP-BYOS-Azure Image SLES15-SP4-SAP-BYOS-GCE Image SLES15-SP4-SAP-GCE Image SLES15-SP4-SAP-Hardened Image SLES15-SP4-SAP-Hardened-Azure Image SLES15-SP4-SAP-Hardened-BYOS-Azure Image SLES15-SP4-SAP-Hardened-BYOS-GCE Image SLES15-SP4-SAP-Hardened-GCE Image SLES15-SP4-SAPCAL-Azure Image SLES15-SP4-SAPCAL-GCE Image SLES15-SP5-Azure-3P Image SLES15-SP5-Azure-Basic Image SLES15-SP5-Azure-Standard Image SLES15-SP5-BYOS-Azure Image SLES15-SP5-BYOS-GCE Image SLES15-SP5-GCE Image SLES15-SP5-HPC-Azure Image SLES15-SP5-HPC-BYOS-Azure Image SLES15-SP5-HPC-BYOS-GCE Image SLES15-SP5-Hardened-BYOS-Azure Image SLES15-SP5-Hardened-BYOS-GCE Image SLES15-SP5-SAP-Azure-3P Image SLES15-SP5-SAP-BYOS-Azure Image SLES15-SP5-SAP-BYOS-GCE Image SLES15-SP5-SAP-Hardened-Azure Image SLES15-SP5-SAP-Hardened-BYOS-Azure Image SLES15-SP5-SAP-Hardened-BYOS-GCE Image SLES15-SP5-SAP-Hardened-GCE Image SLES15-SP5-SAPCAL-Azure Image SLES15-SP5-SAPCAL-GCE Image SLES15-SP6-BYOS-GCE Image SLES15-SP6-GCE Image SLES15-SP6-HPC-BYOS-GCE Image SLES15-SP6-HPC-GCE Image SLES15-SP6-Hardened-BYOS-GCE Image SLES15-SP6-SAP Image SLES15-SP6-SAP-Azure-LI-BYOS Image SLES15-SP6-SAP-Azure-LI-BYOS-Production Image SLES15-SP6-SAP-Azure-VLI-BYOS Image SLES15-SP6-SAP-Azure-VLI-BYOS-Production Image SLES15-SP6-SAP-BYOS-GCE Image SLES15-SP6-SAP-GCE Image SLES15-SP6-SAP-Hardened Image SLES15-SP6-SAP-Hardened-BYOS-GCE Image SLES15-SP6-SAP-Hardened-GCE Image SLES15-SP6-SAPCAL Image SLES15-SP6-SAPCAL-GCE Image SLES15-SP7-GCE Image SLES15-SP7-GCE-3P Image SLES15-SP7-SAP-GCE Image SLES15-SP7-SAP-GCE-3P Image SLES15-SP7-SAP-Hardened-GCE Image SLES15-SP7-SAPCAL-GCE Affected
Container suse/multi-linux-manager/5.1/x86_64/proxy-salt-broker:5.1.2.9.13.2 Image SLES15-SP6-EC2-ECS-HVM Image SLES15-SP7-EC2-ECS-HVM Image proxy-salt-broker-image Affected
Container suse/multi-linux-manager/5.1/x86_64/server-saline:5.1.2.9.13.1 Image server-saline-image Affected

Share

EUVD-2025-200069 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy