Lucene search
K

122 matches found

OSV
OSV
added 2026/03/27 2:7 p.m.5 views

OESA-2026-1779 python-pyasn1 security update

Abstract Syntax Notation One ASN.1 is a technology for exchanging structured data in a universally understood, hardware agnostic way. Many industrial, security and telephony applications heavily rely on ASN.1. The pyasn1 library implements ASN.1 support in pure-Python. Security Fixes: The pyasn1...

7.5CVSS5.9AI score0.0058EPSS
Exploits1References2
OSV
OSV
added 2026/03/27 2:7 p.m.5 views

OESA-2026-1775 python-pyasn1 security update

Abstract Syntax Notation One ASN.1 is a technology for exchanging structured data in a universally understood, hardware agnostic way. Many industrial, security and telephony applications heavily rely on ASN.1. The pyasn1 library implements ASN.1 support in pure-Python. Security Fixes: The pyasn1...

7.5CVSS5.9AI score0.0058EPSS
Exploits1References2
OSV
OSV
added 2026/03/23 7:16 p.m.3 views

DEBIAN-CVE-2026-26209

cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...

7.5CVSS7.3AI score0.00417EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/03/23 6:53 p.m.21 views

CVE-2026-26209 cbor2 has a Denial of Service via Uncontrolled Recursion in cbor2.loads

cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...

7.5CVSS0.00417EPSS
Exploits1References4
OSV
OSV
added 2026/03/23 6:53 p.m.9 views

CVE-2026-26209 cbor2 has a Denial of Service via Uncontrolled Recursion in cbor2.loads

cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...

7.5CVSS5.9AI score0.00417EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2026/03/23 6:53 p.m.5 views

CVE-2026-26209 cbor2 has a Denial of Service via Uncontrolled Recursion in cbor2.loads

cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...

7.5CVSS7.1AI score0.00417EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2026/03/19 12:25 a.m.5 views

SUSE CVE-2026-30922

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested SEQUENC...

7.5CVSS7.1AI score0.0058EPSS
Exploits1References16
RedhatCVE
RedhatCVE
added 2026/03/18 10:14 p.m.13 views

CVE-2026-30922

An unbounded recursion flaw has been discovered in the pypi pyasn1 library. This uncontrolled recursion occurs when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing nested SEQUENCE 0x30 or SET 0x31 tags with Indefinite Length 0x80 markers. Thi...

7.5CVSS6.9AI score0.0058EPSS
Exploits1References5
NVD
NVD
added 2026/03/18 4:17 a.m.2 views

CVE-2026-30922

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested SEQUENC...

7.5CVSS0.0058EPSS
Exploits1References4
OSV
OSV
added 2026/03/18 4:17 a.m.7 views

DEBIAN-CVE-2026-30922

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested SEQUENC...

7.5CVSS6.9AI score0.0058EPSS
Exploits1References1
OSV
OSV
added 2026/03/18 2:29 a.m.6 views

CVE-2026-30922 pyasn1 Vulnerable to Denial of Service via Unbounded Recursion

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested SEQUENC...

7.5CVSS6.9AI score0.0058EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/18 2:29 a.m.3 views

CVE-2026-30922 pyasn1 Vulnerable to Denial of Service via Unbounded Recursion

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested SEQUENC...

7.5CVSS7.1AI score0.0058EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/18 2:29 a.m.4 views

CVE-2026-30922

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested SEQUENC...

7.5CVSS5.8AI score0.00679EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/03/18 2:29 a.m.106 views

CVE-2026-30922

CVE-2026-30922 affects the Python pyasn1 library. Prior to version 0.6.3, parsing deeply nested ASN.1 data with thousands of nested SEQUENCE/SET tags and Indefinite Length markers can trigger uncontrolled recursion, causing a RecursionError or exhausting memory (OOM) and crashing the host applica...

7.5CVSS7.1AI score0.0058EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/03/17 4:17 p.m.3 views

GHSA-JR27-M4P2-RC6R Denial of Service in pyasn1 via Unbounded Recursion

Summary The pyasn1 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing nested SEQUENCE 0x30 or SET 0x31 tags with Indefinite Length 0x80 markers. This...

7.5CVSS7.1AI score0.0058EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 9 : skopeo-1.14.5-2.el9_4 (AXSA:2024-8905:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8905:05 advisory. encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156...

7.5CVSS7.6AI score0.01127EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 8 : go-toolset:rhel8 (AXSA:2024-8861:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8861:01 advisory. net/http: Denial of service due to improper 100-continue handling in net/http CVE-2024-24791 go/parser: golang: Calling any of the Parse functions...

7.5CVSS7.7AI score0.01414EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.2 views

MiracleLinux 9 : containernetworking-plugins-1.5.1-3.el9_5 (AXSA:2024-9487:07)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-9487:07 advisory. encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156...

7.5CVSS7.8AI score0.01127EPSS
Exploits0References2
Snyk
Snyk
added 2025/12/03 6:55 p.m.8 views

Inefficient Algorithmic Complexity

Overview Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity in the xml.dom.minidom methods like appendChild due to the dependancy on the clearidcache algorithm when processing excessively nested XML documents. An attacker can exhaust system resources and impact...

7.5CVSS6.4AI score0.00708EPSS
Exploits0References2
OSV
OSV
added 2025/11/27 9:19 a.m.12 views

CLSA-2025-1764235184 jackson-core: Fix of CVE-2025-52999

CVE-2025-52999: add StreamReadConstraints to protect against DoS attacks via deeply nested structures and oversized inputs...

8.7CVSS6.8AI score0.00634EPSS
Exploits0References1
Rows per page
Query Builder