USN-7951-1 Unknown

USN-7951-1: Python vulnerability

Canonical (Ubuntu) Released: January 12, 2026 Updated: January 14, 2026 Restart Required

Description

It was discovered that Python's http.client did not properly handle the Content-Length header in HTTP responses. A malicious server could exploit this to cause Python to allocate excessive memory, leading to a denial of service.

Fixed Vulnerabilities 1

CVE-2025-13836 N/A 0.0 ⚠️ KEV fixed

Dec 01, 2025

When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a…

Quick Info

Patch ID: USN-7951-1

Vendor: Canonical (Ubuntu)

Severity: Unknown

CVEs Fixed: 1

Restart: Required

Vendor

Canonical (Ubuntu)

Additional Info

action:

usn id: USN-7951-1

summary: Python could be made to crash if it received specially crafted network traffic.

usn number: 7951-1

instructions: In general, a standard system update will make all the necessary changes.

CVE Vulnerabilities

Posts & Pages