CVE-2025-13836

ADVISORY - nist

Summary

When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.

EPSS Score⁠: 0.00087 (0.253)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-125⁠

Out-of-bounds Read

CWE-400⁠

Uncontrolled Resource Consumption

ADVISORY - redhat

CWE-770⁠

Allocation of Resources Without Limits or Throttling

Impacted images

Advisories

Docker

CREATED

2 months ago

UPDATED

29 days ago

ADVISORY ID

CVE-2025-13836

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

NIST

CREATED

2 months ago

UPDATED

21 days ago

ADVISORY IDCVE-2025-13836⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-125⁠CWE-400⁠

CVSS SCORE

6.3medium

Debian

CREATED

2 months ago

UPDATED

3 hours ago

ADVISORY IDCVE-2025-13836⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

2 months ago

UPDATED

8 days ago

ADVISORY IDCVE-2025-13836⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

9.1medium

Amazon

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY IDALAS2023-2025-1343⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY IDALAS2023-2025-1344⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

25 days ago

UPDATED

25 days ago

ADVISORY IDALAS2023-2025-1356⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Bitnami

CREATED

2 months ago

UPDATED

28 days ago

ADVISORY ID

BIT-libpython-2025-13836

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6.3medium

Bitnami

CREATED

2 months ago

UPDATED

28 days ago

ADVISORY ID

BIT-python-2025-13836

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6.3medium

Bitnami

CREATED

2 months ago

UPDATED

28 days ago

ADVISORY ID

BIT-python-min-2025-13836

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6.3medium

Red Hat

CREATED

2 months ago

UPDATED

15 days ago

ADVISORY IDCVE-2025-13836⁠

EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-770⁠

CVSS SCORE

6.8medium

Chainguard

CREATED

14 days ago

UPDATED

14 days ago

ADVISORY ID

CGA-q36p-p2gv-8p7v

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

15 days ago

UPDATED

15 days ago

ADVISORY ID

CGA-w4w3-x2qg-rmqj

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY ID

MINI-2g48-5p3q-f6fj

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY ID

MINI-c9q9-8442-rf8x

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY ID

MINI-f8jp-r88j-8rfj

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY ID

MINI-r259-ggrx-8x6c

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY ID

MINI-vmg4-g3vv-jfq4

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY