Untriaged
Permalink
CVE-2026-59884
7.5 HIGH
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): None (N)
- User Interaction (UI): None (N)
- Scope (S): Unchanged (U)
- Confidentiality (C): None (N)
- Integrity (I): None (N)
- Availability (A): High (H)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): None (N)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): None (N)
- Modified Availability (MA): High (H)
Activity log
- Created suggestion
pyasn1 BER/CER/DER decoder denial of service via unbounded long-form tag IDs
pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.4, the BER decoder shared by the CER and DER codecs parses long-form tags by accumulating continuation octets without an upper bound on the tag ID size, allowing a crafted input to force construction of an arbitrarily large integer with CPU cost growing quadratically and to trigger unhandled ValueError exceptions in Python 3.11+ error formatting paths. Any application decoding untrusted BER, CER, or DER input is affected. This issue is fixed in version 0.6.4.
References
-
https://github.com/pyasn1/pyasn1/security/advisories/GHSA-m4p7-r5rc-7g4j x_refsource_CONFIRM
-
https://github.com/pyasn1/pyasn1/releases/tag/v0.6.4 x_refsource_MISC
Affected products
pyasn1
- ==< 0.6.4
Matching in nixpkgs
pkgs.python313Packages.pyasn1
Generic ASN.1 library for Python
pkgs.python314Packages.pyasn1
Generic ASN.1 library for Python
pkgs.python313Packages.pysnmp-pyasn1
Python ASN.1 encoder and decoder
pkgs.python314Packages.pysnmp-pyasn1
Python ASN.1 encoder and decoder
pkgs.python313Packages.pyasn1-modules
Collection of ASN.1-based protocols modules
Package maintainers
-
@fabaff Fabian Affolter <mail@fabian-affolter.ch>