CVE-2026-30922

{"id": "CVE-2026-30922", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2026-03-18T04:17:18.397", "references": [{"url": "https://github.com/pyasn1/pyasn1/commit/25ad481c19fdb006e20485ef3fc2e5b3eff30ef0", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/pyasn1/pyasn1/security/advisories/GHSA-jr27-m4p2-rc6r", "tags": ["Exploit", "Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "http://www.openwall.com/lists/oss-security/2026/03/20/4", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-674"}]}], "descriptions": [{"lang": "en", "value": "pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the `pyasn1` library is vulnerable to a Denial of Service (DoS) attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested `SEQUENCE` (`0x30`) or `SET` (`0x31`) tags with \"Indefinite Length\" (`0x80`) markers. This forces the decoder to recursively call itself until the Python interpreter crashes with a `RecursionError` or consumes all available memory (OOM), crashing the host application. This is a distinct vulnerability from CVE-2026-23490 (which addressed integer overflows in OID decoding). The fix for CVE-2026-23490 (`MAX_OID_ARC_CONTINUATION_OCTETS`) does not mitigate this recursion issue. Version 0.6.3 fixes this specific issue."}, {"lang": "es", "value": "pyasn1 es una biblioteca ASN.1 gen\u00e9rica para Python. Antes de la versi\u00f3n 0.6.3, la biblioteca 'pyasn1' es vulnerable a un ataque de denegaci\u00f3n de servicio (DoS) causado por recursi\u00f3n incontrolada al decodificar datos ASN.1 con estructuras profundamente anidadas. Un atacante puede suministrar una carga \u00fatil manipulada que contenga miles de etiquetas 'SEQUENCE' ('0x30') o 'SET' ('0x31') anidadas con marcadores de 'Longitud Indefinida' ('0x80'). Esto fuerza al decodificador a llamarse recursivamente hasta que el int\u00e9rprete de Python falla con un 'RecursionError' o consume toda la memoria disponible (OOM), provocando la ca\u00edda de la aplicaci\u00f3n anfitriona. Esta es una vulnerabilidad distinta de CVE-2026-23490 (que abord\u00f3 desbordamientos de enteros en la decodificaci\u00f3n de OID). La soluci\u00f3n para CVE-2026-23490 ('MAX_OID_ARC_CONTINUATION_OCTETS') no mitiga este problema de recursi\u00f3n. La versi\u00f3n 0.6.3 soluciona este problema espec\u00edfico."}], "lastModified": "2026-03-21T01:17:06.360", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:pyasn1:pyasn1:*:*:*:*:*:python:*:*", "vulnerable": true, "matchCriteriaId": "3F5F876E-E9B5-45D9-AE85-5E3E35AD09D7", "versionEndExcluding": "0.6.3"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}