Fabre

#1113825 python-xmltodict: CVE-2025-9375 #1113825

Package:: src:python-xmltodict

Source:: src:python-xmltodict

Submitter:: Salvatore Bonaccorso

Date:: 2026-06-28 18:03:02 UTC

Severity:: normal

Tags:

#1113825#5

Date:: 2025-09-03 06:27:05 UTC

From:

To:

Hi,

The following vulnerability was published for python-xmltodict.

CVE-2025-9375[0]:
| XML Injection vulnerability in xmltodict allows Input Data
| Manipulation.This issue affects xmltodict: 0.14.2.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2025-9375
https://www.cve.org/CVERecord?id=CVE-2025-9375
[1] https://github.com/martinblech/xmltodict/issues/377

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

#1113825#14

Date:: 2026-06-28 18:00:46 UTC

From:

To:

Dear maintainer,

I've prepared an NMU for python-xmltodict (versioned as 0.13.0-1.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I should cancel it.

cu
Adrian

#1113825 python-xmltodict: CVE-2025-9375 #1113825

Just Reply to ...

Reply to submitter ...

Send control command (Silently)

Set Architecture Tags (Silently)