Lucene search
+L

442 matches found

RedhatCVE
RedhatCVE
added 3 days ago7 views

CVE-2026-59884

A flaw was found in pyasn1, a generic ASN.1 library for Python. The Basic Encoding Rules BER decoder, used by CER and DER codecs, processes long-form tags by accumulating continuation octets without an upper bound. A remote attacker can exploit this by providing a specially crafted input, leading...

7.5CVSS6.1AI score0.00354EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 3 days ago7 views

CVE-2026-59886

A remote attacker can exploit this by providing specially crafted BER/CER/DER-encoded ASN.1 data with a large exponent in the REAL value. When the application subsequently prints, logs, compares, or performs arithmetic on the decoded value, this can cause excessive CPU and memory consumption,...

7.5CVSS6.1AI score0.00339EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 3 days ago6 views

Linux Distros Unpatched Vulnerability : CVE-2026-59884

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.4, the BER decoder shared by the CER and DER codecs parses long-form tags by accumulating continuatio...

7.5CVSS5.3AI score0.00354EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 4 days ago7 views

pyasn1: pyasn1: Denial of Service via crafted BER input

A flaw was found in pyasn1, a generic ASN.1 library for Python. The Basic Encoding Rules BER decoder, used by CER and DER codecs, processes long-form tags by accumulating continuation octets without an upper bound. A remote attacker can exploit this by providing a specially crafted input, leading...

7.5CVSS6.1AI score0.00354EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 4 days ago8 views

Important: Red Hat Security Advisory: Release of containers for RHOSO 18.0.21

Red Hat OpenStack Services on OpenShift RHOSO 18.0.21 containers are now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS7.1AI score0.00679EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 4 days ago6 views

Linux Distros Unpatched Vulnerability : CVE-2026-59885

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.4, the BER, CER, and DER decoders process OBJECT IDENTIFIER and RELATIVE-OID values in quadratic time...

7.5CVSS6.2AI score0.00339EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 4 days ago7 views

Linux Distros Unpatched Vulnerability : CVE-2026-59886

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.4, the univ.Real type converted its mantissa, base, and exponent value to a Python float using exact...

7.5CVSS6.1AI score0.00339EPSS
Exploits0References3
OSV
OSV
added 5 days ago2 views

DEBIAN-CVE-2026-59886

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.4, the univ.Real type converted its mantissa, base, and exponent value to a Python float using exact big-integer exponentiation. A BER, CER, or DER encoded REAL value only a few bytes long can carry a very large exponent, causing float...

7.5CVSS6.1AI score0.00339EPSS
Exploits0References1
NVD
NVD
added 5 days ago8 views

CVE-2026-59886

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.4, the univ.Real type converted its mantissa, base, and exponent value to a Python float using exact big-integer exponentiation. A BER, CER, or DER encoded REAL value only a few bytes long can carry a very large exponent, causing float...

7.5CVSS0.00339EPSS
Exploits0References3
OSV
OSV
added 5 days ago2 views

DEBIAN-CVE-2026-59884

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.4, the BER decoder shared by the CER and DER codecs parses long-form tags by accumulating continuation octets without an upper bound on the tag ID size, allowing a crafted input to force construction of an arbitrarily large integer with C...

7.5CVSS6.1AI score0.00354EPSS
Exploits0References1
NVD
NVD
added 5 days ago7 views

CVE-2026-59885

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.4, the BER, CER, and DER decoders process OBJECT IDENTIFIER and RELATIVE-OID values in quadratic time relative to the number of arcs, so a small crafted payload containing an OID with many arcs consumes excessive CPU per decode call and c...

7.5CVSS0.00339EPSS
Exploits0References3
NVD
NVD
added 5 days ago6 views

CVE-2026-59884

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.4, the BER decoder shared by the CER and DER codecs parses long-form tags by accumulating continuation octets without an upper bound on the tag ID size, allowing a crafted input to force construction of an arbitrarily large integer with C...

7.5CVSS0.00354EPSS
Exploits0References3
Cvelist
Cvelist
added 5 days ago26 views

CVE-2026-59884 pyasn1 BER/CER/DER decoder denial of service via unbounded long-form tag IDs

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.4, the BER decoder shared by the CER and DER codecs parses long-form tags by accumulating continuation octets without an upper bound on the tag ID size, allowing a crafted input to force construction of an arbitrarily large integer with C...

7.5CVSS0.00354EPSS
Exploits0References3
CVE
CVE
added 5 days ago7 views

CVE-2026-59884

pyasn1 prior to 0.6.4 contains a denial-of-service risk in its BER decoder used by CER/DER codecs: long-form tag IDs can be accumulated without an upper bound, enabling a crafted input to drive CPU usage quadratically and trigger unhandled ValueError paths in Python 3.11+ error formatting. Affect...

7.5CVSS6.1AI score0.00354EPSS
Exploits0References3
OSV
OSV
added 5 days ago3 views

CVE-2026-59884 pyasn1 BER/CER/DER decoder denial of service via unbounded long-form tag IDs

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.4, the BER decoder shared by the CER and DER codecs parses long-form tags by accumulating continuation octets without an upper bound on the tag ID size, allowing a crafted input to force construction of an arbitrarily large integer with C...

7.5CVSS6.1AI score0.00354EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 5 days ago7 views

CVE-2026-59884

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.4, the BER decoder shared by the CER and DER codecs parses long-form tags by accumulating continuation octets without an upper bound on the tag ID size, allowing a crafted input to force construction of an arbitrarily large integer with C...

7.5CVSS6.1AI score0.00354EPSS
Exploits0
CVE
CVE
added 5 days ago9 views

CVE-2026-59885

pyasn1 is a Python ASN.1 library. Before 0.6.4, the BER, CER, and DER decoders (and encoders on re-encode) exhibit quadratic-time processing for OBJECT IDENTIFIER and RELATIVE-OID values, allowing denial of service via crafted OIDs with many arcs. This vulnerability affects decoding/re-encoding o...

7.5CVSS6.1AI score0.00339EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 5 days ago5 views

CVE-2026-59885

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.4, the BER, CER, and DER decoders process OBJECT IDENTIFIER and RELATIVE-OID values in quadratic time relative to the number of arcs, so a small crafted payload containing an OID with many arcs consumes excessive CPU per decode call and c...

7.5CVSS6.1AI score0.00339EPSS
Exploits0
CVE
CVE
added 5 days ago10 views

CVE-2026-59886

Summary: pyasn1 before 0.6.4 contains a vulnerability in the univ.Real ASN.1 type where mantissa/base/exponent are converted to a Python float via exact big-integer exponentiation. This can cause excessive CPU/memory usage when decoding untrusted ASN.1 data and subsequently printing, logging, or ...

7.5CVSS6.1AI score0.00339EPSS
Exploits0References3
OSV
OSV
added 5 days ago3 views

CVE-2026-59886 pyasn1: Uncontrolled resource consumption when converting decoded REAL values

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.4, the univ.Real type converted its mantissa, base, and exponent value to a Python float using exact big-integer exponentiation. A BER, CER, or DER encoded REAL value only a few bytes long can carry a very large exponent, causing float...

7.5CVSS6.1AI score0.00339EPSS
Exploits0References5
Rows per page
Query Builder