122 matches found
OESA-2026-1779 python-pyasn1 security update
Abstract Syntax Notation One ASN.1 is a technology for exchanging structured data in a universally understood, hardware agnostic way. Many industrial, security and telephony applications heavily rely on ASN.1. The pyasn1 library implements ASN.1 support in pure-Python. Security Fixes: The pyasn1...
OESA-2026-1775 python-pyasn1 security update
Abstract Syntax Notation One ASN.1 is a technology for exchanging structured data in a universally understood, hardware agnostic way. Many industrial, security and telephony applications heavily rely on ASN.1. The pyasn1 library implements ASN.1 support in pure-Python. Security Fixes: The pyasn1...
DEBIAN-CVE-2026-26209
cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...
CVE-2026-26209 cbor2 has a Denial of Service via Uncontrolled Recursion in cbor2.loads
cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...
CVE-2026-26209 cbor2 has a Denial of Service via Uncontrolled Recursion in cbor2.loads
cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...
CVE-2026-26209 cbor2 has a Denial of Service via Uncontrolled Recursion in cbor2.loads
cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...
SUSE CVE-2026-30922
pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested SEQUENC...
CVE-2026-30922
An unbounded recursion flaw has been discovered in the pypi pyasn1 library. This uncontrolled recursion occurs when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing nested SEQUENCE 0x30 or SET 0x31 tags with Indefinite Length 0x80 markers. Thi...
CVE-2026-30922
pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested SEQUENC...
DEBIAN-CVE-2026-30922
pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested SEQUENC...
CVE-2026-30922 pyasn1 Vulnerable to Denial of Service via Unbounded Recursion
pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested SEQUENC...
CVE-2026-30922 pyasn1 Vulnerable to Denial of Service via Unbounded Recursion
pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested SEQUENC...
CVE-2026-30922
pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested SEQUENC...
CVE-2026-30922
CVE-2026-30922 affects the Python pyasn1 library. Prior to version 0.6.3, parsing deeply nested ASN.1 data with thousands of nested SEQUENCE/SET tags and Indefinite Length markers can trigger uncontrolled recursion, causing a RecursionError or exhausting memory (OOM) and crashing the host applica...
GHSA-JR27-M4P2-RC6R Denial of Service in pyasn1 via Unbounded Recursion
Summary The pyasn1 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing nested SEQUENCE 0x30 or SET 0x31 tags with Indefinite Length 0x80 markers. This...
MiracleLinux 9 : skopeo-1.14.5-2.el9_4 (AXSA:2024-8905:05)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8905:05 advisory. encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156...
MiracleLinux 8 : go-toolset:rhel8 (AXSA:2024-8861:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8861:01 advisory. net/http: Denial of service due to improper 100-continue handling in net/http CVE-2024-24791 go/parser: golang: Calling any of the Parse functions...
MiracleLinux 9 : containernetworking-plugins-1.5.1-3.el9_5 (AXSA:2024-9487:07)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-9487:07 advisory. encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156...
Inefficient Algorithmic Complexity
Overview Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity in the xml.dom.minidom methods like appendChild due to the dependancy on the clearidcache algorithm when processing excessively nested XML documents. An attacker can exhaust system resources and impact...
CLSA-2025-1764235184 jackson-core: Fix of CVE-2025-52999
CVE-2025-52999: add StreamReadConstraints to protect against DoS attacks via deeply nested structures and oversized inputs...