Ecosystem	Package	Version

Vulnerabilities

CVE-2025-13837

CVE-2025-13837

When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues

Published Dec 2, 2025

https://github.com/python/cpython/issues/119342

CVSS ScoreMedium

5.5

Ecosystem	Package	Version


npm	@abi-software/celldl-editor	0.20260109.0
npm	@abi-software/celldl-editor	0.20260109.1
npm	@abi-software/celldl-editor	0.20260114.1
npm	@abi-software/celldl-editor	0.20260114.2
npm	@abi-software/celldl-editor	0.20260114.3
npm	@abi-software/celldl-editor	0.20260114.5
npm	@abi-software/celldl-editor	0.20260115.0
npm	@abi-software/celldl-editor	0.20260121.1
npm	@alauda/doom	0.13.1
npm	@alauda/doom	0.13.2
npm	@alauda/doom	0.13.3
npm	@alauda/doom	0.14.0
npm	@alauda/doom	0.14.10
npm	@alauda/doom	0.14.11
npm	@alauda/doom	0.14.12
npm	@alauda/doom	0.14.13
npm	@alauda/doom	0.14.14
npm	@alauda/doom	0.14.15
npm	@alauda/doom	0.14.16
npm	@alauda/doom	0.14.17
npm	@alauda/doom	0.14.18
npm	@alauda/doom	0.14.19
npm	@alauda/doom	0.14.1
npm	@alauda/doom	0.14.20
npm	@alauda/doom	0.14.21
npm	@alauda/doom	0.14.2
npm	@alauda/doom	0.14.3
npm	@alauda/doom	0.14.4
npm	@alauda/doom	0.14.5
npm	@alauda/doom	0.14.6
npm	@alauda/doom	0.14.7
npm	@alauda/doom	0.14.8
npm	@alauda/doom	0.14.9
npm	@alauda/doom	0.15.0
npm	@alauda/doom	0.15.10
npm	@alauda/doom	0.15.11
npm	@alauda/doom	0.15.1
npm	@alauda/doom	0.15.2
npm	@alauda/doom	0.15.3
npm	@alauda/doom	0.15.4
npm	@alauda/doom	0.15.5
npm	@alauda/doom	0.15.6
npm	@alauda/doom	0.15.7
npm	@alauda/doom	0.15.8
npm	@alauda/doom	0.15.9
npm	@alauda/doom	0.16.0
npm	@alauda/doom	0.16.1-alpha.0
npm	@alauda/doom	0.16.1-alpha.1
npm	@alauda/doom	0.16.1-alpha.2
npm	@alauda/doom	0.16.1

CVE-2025-13837 | Components Impacted | Sonatype Guide | Sonatype Guide