Security Advisory

CVE-2025-13836

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-01 18:02:38

Last updated 2026-03-03 14:41:48

Assigner PSF

State PUBLISHED

Description

When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.

← Browse all CVEs View on cve.org ↗