VulnerableCode Package Details - pkg:deb/debian/python3.13@3.13.5-2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/python3.13@3.13.5-2

Essentials
History (36)

purl	pkg:deb/debian/python3.13@3.13.5-2

Next non-vulnerable version	None.
Latest non-vulnerable version	None.
Risk	3.4

Vulnerabilities affecting this package (12)

Vulnerability	Summary	Fixed by
VCID-1uk5-6yqb-dyb5 Aliases: CVE-2025-13837	cpython: Out-of-memory when loading Plist	3.13.12-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-8b19-pezx-6bcd Aliases: CVE-2026-0865	cpython: wsgiref.headers.Headers allows header newline injection in Python	3.13.12-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-8dtv-379a-wqfs Aliases: CVE-2025-13836	cpython: Excessive read buffering DoS in http.client	3.13.12-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-94n7-6q4s-3udv Aliases: CVE-2025-15282	cpython: Header injection via newlines in data URL mediatype in Python	3.13.12-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-bn83-d2qp-9bfy Aliases: CVE-2025-11468	cpython: Missing character filtering in Python	3.13.12-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-emaw-jmek-9bcy Aliases: CVE-2025-6069	cpython: Python HTMLParser quadratic complexity	3.13.12-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-fcsb-dn49-47gy Aliases: CVE-2025-6075	python: Quadratic complexity in os.path.expandvars() with user-controlled template	3.13.12-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-kn9b-2gxw-gqgx Aliases: CVE-2026-1299	cpython: email header injection due to unquoted newlines	3.13.12-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-mtk7-qut6-syd8 Aliases: CVE-2025-8194	cpython: Cpython infinite loop when parsing a tarfile	3.13.12-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-nqqc-u8d5-8qf6 Aliases: CVE-2025-12084	cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service	3.13.12-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-zh1r-7rzh-2bez Aliases: CVE-2026-0672	cpython: Header injection in http.cookies.Morsel in Python	3.13.12-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-znkr-fxtj-4uc7 Aliases: CVE-2025-8291	cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked	3.13.12-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T13:12:54.871118+00:00	Debian Importer	Affected by	VCID-8b19-pezx-6bcd	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T13:08:53.080522+00:00	Debian Importer	Affected by	VCID-zh1r-7rzh-2bez	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T12:40:37.465204+00:00	Debian Importer	Affected by	VCID-bn83-d2qp-9bfy	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T12:28:47.551113+00:00	Debian Importer	Affected by	VCID-94n7-6q4s-3udv	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T12:28:28.952590+00:00	Debian Importer	Affected by	VCID-8dtv-379a-wqfs	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:57:11.885638+00:00	Debian Importer	Affected by	VCID-znkr-fxtj-4uc7	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:56:03.895532+00:00	Debian Importer	Affected by	VCID-1uk5-6yqb-dyb5	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:20:25.700958+00:00	Debian Importer	Affected by	VCID-mtk7-qut6-syd8	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:20:17.937941+00:00	Debian Importer	Affected by	VCID-fcsb-dn49-47gy	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:18:17.272109+00:00	Debian Importer	Affected by	VCID-emaw-jmek-9bcy	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:00:24.079080+00:00	Debian Importer	Affected by	VCID-nqqc-u8d5-8qf6	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:47:15.720945+00:00	Debian Importer	Affected by	VCID-kn9b-2gxw-gqgx	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T09:05:46.582510+00:00	Debian Importer	Affected by	VCID-8b19-pezx-6bcd	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T09:02:39.785196+00:00	Debian Importer	Affected by	VCID-zh1r-7rzh-2bez	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:41:18.009989+00:00	Debian Importer	Affected by	VCID-bn83-d2qp-9bfy	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:32:38.377034+00:00	Debian Importer	Affected by	VCID-94n7-6q4s-3udv	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:32:23.805830+00:00	Debian Importer	Affected by	VCID-8dtv-379a-wqfs	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:09:35.809439+00:00	Debian Importer	Affected by	VCID-znkr-fxtj-4uc7	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:24:48.303902+00:00	Debian Importer	Affected by	VCID-1uk5-6yqb-dyb5	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:57:44.530437+00:00	Debian Importer	Affected by	VCID-mtk7-qut6-syd8	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:57:39.661842+00:00	Debian Importer	Affected by	VCID-fcsb-dn49-47gy	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:56:07.246454+00:00	Debian Importer	Affected by	VCID-emaw-jmek-9bcy	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:42:30.472950+00:00	Debian Importer	Affected by	VCID-nqqc-u8d5-8qf6	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:32:16.195614+00:00	Debian Importer	Affected by	VCID-kn9b-2gxw-gqgx	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-08T20:03:02.035666+00:00	Debian Importer	Affected by	VCID-8b19-pezx-6bcd	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T20:00:56.351464+00:00	Debian Importer	Affected by	VCID-zh1r-7rzh-2bez	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T19:47:09.634903+00:00	Debian Importer	Affected by	VCID-bn83-d2qp-9bfy	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T19:41:28.386707+00:00	Debian Importer	Affected by	VCID-94n7-6q4s-3udv	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T19:41:18.168691+00:00	Debian Importer	Affected by	VCID-8dtv-379a-wqfs	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T19:26:09.354744+00:00	Debian Importer	Affected by	VCID-znkr-fxtj-4uc7	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T18:55:35.810839+00:00	Debian Importer	Affected by	VCID-1uk5-6yqb-dyb5	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T18:37:41.458026+00:00	Debian Importer	Affected by	VCID-mtk7-qut6-syd8	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T18:37:38.148038+00:00	Debian Importer	Affected by	VCID-fcsb-dn49-47gy	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T18:36:42.633454+00:00	Debian Importer	Affected by	VCID-emaw-jmek-9bcy	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T18:27:37.169693+00:00	Debian Importer	Affected by	VCID-nqqc-u8d5-8qf6	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T18:20:38.948771+00:00	Debian Importer	Affected by	VCID-kn9b-2gxw-gqgx	https://security-tracker.debian.org/tracker/data/json	38.1.0