Vulnerabilities

CVE-2025-13836

by Fred · 01/12/2025

When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.

More information : https://github.com/python/cpython/commit/4ce27904b597c77d74dd93f2c912676021a99155

Similar

Tags: Cybersecurity Alert