AZL-71267

See a problem?
Import Source
https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-71267.json
JSON Data
https://api.test.osv.dev/v1/vulns/AZL-71267
Upstream
Published
2025-12-01T18:16:04Z
Modified
2026-04-01T05:22:31.233669Z
Summary
CVE-2025-13837 affecting package python3 for versions less than 3.12.9-7
Details

When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues

References

Affected packages

Azure Linux:3 / python3

Package

Name
python3
Purl
pkg:rpm/azure-linux/python3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.12.9-7

Database specific

source 
"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-71267.json"