Nixpkgs security tracker

Untriaged

Permalink CVE-2026-23490

7.5 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 3 months ago

pyasn1 has a DoS vulnerability in decoder

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets. This vulnerability is fixed in 0.6.2.

References

https://github.com/pyasn1/pyasn1/security/advisories/GHSA-63vm-454h-vhhq x_refsource_CONFIRM
https://github.com/pyasn1/pyasn1/commit/3908f144229eed4df24bd569d16e5991ace44970 x_refsource_MISC
https://github.com/pyasn1/pyasn1/releases/tag/v0.6.2 x_refsource_MISC
https://lists.debian.org/debian-lts-announce/2026/02/msg00002.html

Affected products

pyasn1

==< 0.6.2

Matching in nixpkgs

pkgs.python312Packages.pyasn1

Generic ASN.1 library for Python

nixos-unstable pyasn1-0.6.1
- nixpkgs-unstable pyasn1-0.6.1
- nixos-unstable-small pyasn1-0.6.1
nixos-25.11 pyasn1-0.6.1
- nixpkgs-25.11-darwin pyasn1-0.6.1

pkgs.python313Packages.pyasn1

Generic ASN.1 library for Python

nixos-unstable pyasn1-0.6.1
- nixpkgs-unstable pyasn1-0.6.1
- nixos-unstable-small pyasn1-0.6.1
nixos-25.11 pyasn1-0.6.1
- nixpkgs-25.11-darwin pyasn1-0.6.1

pkgs.python312Packages.pysnmp-pyasn1

Python ASN.1 encoder and decoder

nixos-unstable pyasn1-1.1.3
- nixpkgs-unstable pyasn1-1.1.3
- nixos-unstable-small pyasn1-1.1.3
nixos-25.11 pyasn1-1.1.3
- nixpkgs-25.11-darwin pyasn1-1.1.3

pkgs.python313Packages.pysnmp-pyasn1