413 matches found
ALSA-2026:13902 Important: resource-agents security update
The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability HA environment. Security Fixes: pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion...
AlmaLinux 8 : resource-agents (ALSA-2026:13902)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:13902 advisory. pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion CVE-2026-30922 Tenable has extracted the preceding description block directly from the...
AlmaLinux 10 : fence-agents (ALSA-2026:13916)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:13916 advisory. pyjwt: PyJWT accepts unknown crit header extensions RFC 7515 ?4.1.11 MUST violation CVE-2026-32597 pyasn1: pyasn1 Vulnerable to Denial of Service via...
RHEL 8 : resource-agents (RHSA-2026:13902)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:13902 advisory. The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several servic...
RHEL 10 : fence-agents (RHSA-2026:13916)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13916 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or...
Important: fence-agents security update
The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fixes: pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion...
Oracle Linux 9 : fence-agents (ELSA-2026-13917)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-13917 advisory. - bundled pyasn1: fix CVE-2026-30922 Resolves: RHEL-157201 - bundled cryptography: replace with dependency to fix CVE-2026-26007 Tenable has extracted the...
Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses pyasn1 which is vulnerable to CVE-2026-30922
Summary IBM Maximo Application Suite - Visual Inspection component uses pyasn1 which is vulnerable to CVE-2026-30922, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-30922 DESCRIPTION: pyasn1 is a generic ASN.1 library for...
Security Bulletin: Location Service for ESRI Component uses cryptography-46.0.6, pyasn1-0.6.2, requests-2.32.5 and cryptography-46.0.5 library which were vulnerable to multiple CVEs
Summary Location Service for ESRI Component uses cryptography-46.0.6, pyasn1-0.6.2, requests-2.32.5 and cryptography-46.0.5 library which were vulnerable to CVE-2026-39892, CVE-2026-30922, CVE-2026-25645 and CVE-2026-34073 respectively. Vulnerability Details CVEID:CVE-2026-30922 DESCRIPTION: pyas...
Security Bulletin: IBM Edge Data Collector uses pyasn1-0.6.2-py3-none-any.whl which is vulnerable to CVE-2026-30922.
Summary IBM Edge Data Collector uses pyasn1-0.6.2-py3-none-any.whl which is vulnerable to CVE-2026-30922. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-30922 DESCRIPTION: pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyas...
pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion
An unbounded recursion flaw has been discovered in the pypi pyasn1 library. This uncontrolled recursion occurs when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing nested SEQUENCE 0x30 or SET 0x31 tags with Indefinite Length 0x80 markers. Thi...
pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID
A flaw was found in pyasn1, a generic ASN.1 library for Python. A remote attacker could exploit this vulnerability by sending a specially crafted RELATIVE-OID with excessive continuation octets. This input validation vulnerability leads to memory exhaustion, resulting in a Denial of Service DoS f...
Security Bulletin: Vulnerability in pyasn1 affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in pyasn1 has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerabilit...
pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion
An unbounded recursion flaw has been discovered in the pypi pyasn1 library. This uncontrolled recursion occurs when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing nested SEQUENCE 0x30 or SET 0x31 tags with Indefinite Length 0x80 markers. Thi...
pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID
A flaw was found in pyasn1, a generic ASN.1 library for Python. A remote attacker could exploit this vulnerability by sending a specially crafted RELATIVE-OID with excessive continuation octets. This input validation vulnerability leads to memory exhaustion, resulting in a Denial of Service DoS f...
Security Bulletin: pyasn1 Uncontrolled Recursion in ASN.1 Decoding Enables Denial of Service
Summary pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested...
Security Bulletin: pyasn1 Memory Exhaustion via Malformed RELATIVE-OID Leads to Denial of Service
Summary pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets. This vulnerability is fixed in 0.6.2. Vulnerability Details CVEID:CVE-2026-23490...
MiracleLinux 8 : fence-agents-4.2.1-129.el8_10.25 (AXSA:2026-538:07)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-538:07 advisory. cryptography: cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves CVE-2026-26007 pyjwt: PyJWT accepts unknown crit header...
Debian dla-4557 : pypy-pyasn1 - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4557 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4557-1 [email protected] https://www.debian.org/lts/security/...
RHEL 8 : fence-agents (RHSA-2026:12176)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:12176 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or...