CVE-2026-30922
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service (DoS) attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested SEQUENCE (0x30) or SET (0x31) tags with "Indefinite Length" (0x80) markers. This forces the decoder to recursively call itself until the Python interpreter crashes with a RecursionError or consumes all available memory (OOM), crashing the host application. This is a distinct vulnerability from CVE-2026-23490 (which addressed integer overflows in OID decoding). The fix for CVE-2026-23490 (MAX_OID_ARC_CONTINUATION_OCTETS) does not mitigate this recursion issue. Version 0.6.3 fixes this specific issue.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| pyasn1 | pyasn1 | < 0.6.3 | affected |
Weaknesses
- CWE-674: CWE-674: Uncontrolled Recursion
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: yes
- Technical Impact: partial
CVE Program Container
Additional References
- http://www.openwall.com/lists/oss-security/2026/03/20/4
- https://lists.debian.org/debian-lts-announce/2026/05/msg00001.html
References
- https://github.com/pyasn1/pyasn1/security/advisories/GHSA-jr27-m4p2-rc6r
- https://github.com/pyasn1/pyasn1/commit/25ad481c19fdb006e20485ef3fc2e5b3eff30ef0
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.