CVE-2026-23490
high
CVSS v3
β
CVSS v4 NEW
β
VIR risk
8.0
Description
RHSA-2026:4146: python-pyasn1 security update (Important)
Predictions
Exploit likelihood
30%
Patch ETA
β
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Mitigation details
Source: Red Hat Errata β Red Hat Inc. Β· View original β Β· Open-Errata-API
Description pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID CVSS v3: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) Errata / fixed releases ProductPackageAdvisoryReleased Red Hat Ansible Automation Platform 2.5 for RHEL 8python3.12-pyasn1-0:0.6.3-1.el8apRHSA-2026:135122026-05-04T00:00:00Z Red Hat Ansible Automation Platform 2.5 for RHELβ¦
Description
pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID
CVSS v3: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Errata / fixed releases
| Product | Package | Advisory | Released |
|---|---|---|---|
| Red Hat Ansible Automation Platform 2.5 for RHEL 8 | python3.12-pyasn1-0:0.6.3-1.el8ap | RHSA-2026:13512 | 2026-05-04T00:00:00Z |
| Red Hat Ansible Automation Platform 2.5 for RHEL 8 | automation-controller-0:4.6.26-1.el8ap | RHSA-2026:3959 | 2026-03-06T00:00:00Z |
| Red Hat Ansible Automation Platform 2.5 for RHEL 9 | python3.12-pyasn1-0:0.6.3-1.el9ap | RHSA-2026:13512 | 2026-05-04T00:00:00Z |
| Red Hat Ansible Automation Platform 2.5 for RHEL 9 | automation-controller-0:4.6.26-1.el9ap | RHSA-2026:3959 | 2026-03-06T00:00:00Z |
| Red Hat Ansible Automation Platform 2.6 for RHEL 9 | python3.12-pyasn1-0:0.6.3-1.el9ap | RHSA-2026:13508 | 2026-05-04T00:00:00Z |
| Red Hat Ansible Automation Platform 2.6 for RHEL 9 | automation-controller-0:4.7.9-1.el9ap | RHSA-2026:3958 | 2026-03-06T00:00:00Z |
| Red Hat Enterprise Linux 10 | fence-agents-0:4.16.0-13.el10_1.2 | RHSA-2026:1905 | 2026-02-04T00:00:00Z |
| Red Hat Enterprise Linux 10 | python-pyasn1-0:0.6.2-1.el10_1 | RHSA-2026:3354 | 2026-02-25T00:00:00Z |
| Red Hat Enterprise Linux 10.0 Extended Update Support | fence-agents-0:4.16.0-5.el10_0.8 | RHSA-2026:2309 | 2026-02-09T00:00:00Z |
| Red Hat Enterprise Linux 10.0 Extended Update Support | python-pyasn1-0:0.6.2-1.el10_0.1 | RHSA-2026:4138 | 2026-03-10T00:00:00Z |
| Red Hat Enterprise Linux 7 Extended Lifecycle Support | resource-agents-0:4.1.1-61.el7_9.23 | RHSA-2026:2758 | 2026-02-16T00:00:00Z |
| Red Hat Enterprise Linux 7 Extended Lifecycle Support | resource-agents-0:4.1.1-61.el7_9.23 | RHSA-2026:2758 | 2026-02-16T00:00:00Z |
| Red Hat Enterprise Linux 7 Extended Lifecycle Support | python-pyasn1-0:0.1.9-7.el7_9.2 | RHSA-2026:4148 | 2026-03-10T00:00:00Z |
| Red Hat Enterprise Linux 8 | fence-agents-0:4.2.1-129.el8_10.21 | RHSA-2026:1906 | 2026-02-04T00:00:00Z |
| Red Hat Enterprise Linux 8 | python-pyasn1-0:0.3.7-6.el8_10.1 | RHSA-2026:4146 | 2026-03-10T00:00:00Z |
| Red Hat Enterprise Linux 8 | resource-agents-0:4.9.0-54.el8_10.28 | RHSA-2026:1904 | 2026-02-04T00:00:00Z |
| Red Hat Enterprise Linux 8.2 Advanced Update Support | python-pyasn1-0:0.3.7-6.el8_2.1 | RHSA-2026:4145 | 2026-03-10T00:00:00Z |
| Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | fence-agents-0:4.2.1-65.el8_4.27 | RHSA-2026:2483 | 2026-02-10T00:00:00Z |
| Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | python-pyasn1-0:0.3.7-6.el8_4.1 | RHSA-2026:4147 | 2026-03-10T00:00:00Z |
| Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | resource-agents-0:4.1.1-90.el8_4.23 | RHSA-2026:2712 | 2026-02-16T00:00:00Z |
| Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On | fence-agents-0:4.2.1-65.el8_4.27 | RHSA-2026:2483 | 2026-02-10T00:00:00Z |
| Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On | python-pyasn1-0:0.3.7-6.el8_4.1 | RHSA-2026:4147 | 2026-03-10T00:00:00Z |
| Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On | resource-agents-0:4.1.1-90.el8_4.23 | RHSA-2026:2712 | 2026-02-16T00:00:00Z |
| Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | fence-agents-0:4.2.1-89.el8_6.21 | RHSA-2026:2486 | 2026-02-10T00:00:00Z |
| Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | python-pyasn1-0:0.3.7-6.el8_6.1 | RHSA-2026:4144 | 2026-03-10T00:00:00Z |
| Red Hat Enterprise Linux 8.6 Telecommunications Update Service | fence-agents-0:4.2.1-89.el8_6.21 | RHSA-2026:2486 | 2026-02-10T00:00:00Z |
| Red Hat Enterprise Linux 8.6 Telecommunications Update Service | python-pyasn1-0:0.3.7-6.el8_6.1 | RHSA-2026:4144 | 2026-03-10T00:00:00Z |
| Red Hat Enterprise Linux 8.6 Telecommunications Update Service | resource-agents-0:4.9.0-16.el8_6.20 | RHSA-2026:2453 | 2026-02-10T00:00:00Z |
| Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | fence-agents-0:4.2.1-89.el8_6.21 | RHSA-2026:2486 | 2026-02-10T00:00:00Z |
| Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | python-pyasn1-0:0.3.7-6.el8_6.1 | RHSA-2026:4144 | 2026-03-10T00:00:00Z |
| Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | resource-agents-0:4.9.0-16.el8_6.20 | RHSA-2026:2453 | 2026-02-10T00:00:00Z |
| Red Hat Enterprise Linux 8.8 Telecommunications Update Service | fence-agents-0:4.2.1-112.el8_8.16 | RHSA-2026:2221 | 2026-02-09T00:00:00Z |
| Red Hat Enterprise Linux 8.8 Telecommunications Update Service | python-pyasn1-0:0.3.7-6.el8_8.1 | RHSA-2026:4139 | 2026-03-10T00:00:00Z |
| Red Hat Enterprise Linux 8.8 Telecommunications Update Service | resource-agents-0:4.9.0-40.el8_8.16 | RHSA-2026:2460 | 2026-02-10T00:00:00Z |
| Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions | fence-agents-0:4.2.1-112.el8_8.16 | RHSA-2026:2221 | 2026-02-09T00:00:00Z |
| Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions | python-pyasn1-0:0.3.7-6.el8_8.1 | RHSA-2026:4139 | 2026-03-10T00:00:00Z |
| Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions | resource-agents-0:4.9.0-40.el8_8.16 | RHSA-2026:2460 | 2026-02-10T00:00:00Z |
| Red Hat Enterprise Linux 9 | fence-agents-0:4.10.0-98.el9_7.5 | RHSA-2026:1903 | 2026-02-04T00:00:00Z |
| Red Hat Enterprise Linux 9 | python-pyasn1-0:0.4.8-7.el9_7 | RHSA-2026:3359 | 2026-02-25T00:00:00Z |
| Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | fence-agents-0:4.10.0-20.el9_0.28 | RHSA-2026:2303 | 2026-02-09T00:00:00Z |
| Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | python-pyasn1-0:0.4.8-6.el9_0.1 | RHSA-2026:4140 | 2026-03-10T00:00:00Z |
| Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions | fence-agents-0:4.10.0-43.el9_2.19 | RHSA-2026:2300 | 2026-02-09T00:00:00Z |
| Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions | python-pyasn1-0:0.4.8-6.el9_2.1 | RHSA-2026:4142 | 2026-03-10T00:00:00Z |
| Red Hat Enterprise Linux 9.4 Extended Update Support | fence-agents-0:4.10.0-62.el9_4.22 | RHSA-2026:2302 | 2026-02-09T00:00:00Z |
| Red Hat Enterprise Linux 9.4 Extended Update Support | python-pyasn1-0:0.4.8-6.el9_4.1 | RHSA-2026:4143 | 2026-03-10T00:00:00Z |
| Red Hat Enterprise Linux 9.6 Extended Update Support | fence-agents-0:4.10.0-86.el9_6.15 | RHSA-2026:2299 | 2026-02-09T00:00:00Z |
| Red Hat Enterprise Linux 9.6 Extended Update Support | python-pyasn1-0:0.4.8-6.el9_6.1 | RHSA-2026:4141 | 2026-03-10T00:00:00Z |
| Red Hat OpenShift Container Platform 4.17 | python-pyasn1-0:0.5.1-4.el9 | RHSA-2026:17595 | 2026-05-20T00:00:00Z |
| Red Hat OpenShift Container Platform 4.18 | python-pyasn1-0:0.5.1-4.el9 | RHSA-2026:17446 | 2026-05-20T00:00:00Z |
| Red Hat Ansible Automation Platform 2.5 | ansible-automation-platform-25/ee-supported-rhel8:1777398315 | RHSA-2026:13553 | 2026-05-04T00:00:00Z |
| Red Hat Ansible Automation Platform 2.5 | ansible-automation-platform-25/platform-resource-runner-rhel8:1777402264 | RHSA-2026:13553 | 2026-05-04T00:00:00Z |
| Red Hat Ansible Automation Platform 2.6 | ansible-automation-platform-26/eda-controller-rhel9:1777296732 | RHSA-2026:13545 | 2026-05-04T00:00:00Z |
| Red Hat Ansible Automation Platform 2.6 | ansible-automation-platform-26/ee-supported-rhel9:1777391447 | RHSA-2026:13545 | 2026-05-04T00:00:00Z |
| Red Hat Ceph Storage 8 | rhceph/rhceph-8-rhel9:1774002867 | RHSA-2026:5606 | 2026-03-24T00:00:00Z |
| Red Hat Enterprise Linux AI 3.3 | rhelai3/bootc-azure-rocm-rhel9:1778677745 | RHSA-2026:17611 | 2026-05-14T00:00:00Z |
| Red Hat Enterprise Linux AI 3.3 | rhelai3/bootc-rocm-rhel9:1778666124 | RHSA-2026:17611 | 2026-05-14T00:00:00Z |
| Red Hat OpenShift AI 3.3 | rhoai/odh-feature-server-rhel9:1778239104 | RHSA-2026:19712 | 2026-05-20T00:00:00Z |
| Red Hat OpenShift AI 3.3 | rhoai/odh-kserve-storage-initializer-rhel9:1778263407 | RHSA-2026:19712 | 2026-05-20T00:00:00Z |
| Red Hat OpenShift AI 3.3 | rhoai/odh-mlflow-rhel9:1778791600 | RHSA-2026:19712 | 2026-05-20T00:00:00Z |
| Red Hat OpenShift AI 3.3 | rhoai/odh-training-cuda128-torch29-py312-rhel9:1779123334 | RHSA-2026:19712 | 2026-05-20T00:00:00Z |
Package state
| Product | Package | State |
|---|---|---|
| Lightspeed Core | lightspeed-core/dataverse-exporter-rhel9 | Affected |
| Lightspeed Core | lightspeed-core/lightspeed-stack-rhel9 | Affected |
| Migration Toolkit for Containers | rhmtc/openshift-migration-hook-runner-rhel8 | Affected |
| Migration Toolkit for Containers | rhmtc/openshift-migration-rhel8-operator | Affected |
| Migration Toolkit for Virtualization | migration-toolkit-virtualization/mtv-rhel9-operator | Will not fix |
| Migration Toolkit for Virtualization | mtv-candidate/mtv-rhel9-operator | Affected |
| OpenShift Lightspeed | openshift-lightspeed/lightspeed-service-api-rhel9 | Affected |
| OpenShift Lightspeed | openshift-lightspeed/lightspeed-to-dataverse-exporter-rhel9 | Affected |
| OpenShift Service Mesh 3 | openshift-service-mesh/kiali-rhel9-operator | Not affected |
| Red Hat AI Inference Server | rhaiis/vllm-rocm-rhel9 | Affected |
| Red Hat AI Inference Server | rhaiis/vllm-tpu-rhel9 | Affected |
| Red Hat Ansible Automation Platform 2 | ansible-automation-platform-24/ee-minimal-rhel8 | Will not fix |
| Red Hat Ansible Automation Platform 2 | ansible-automation-platform-24/ee-minimal-rhel9 | Will not fix |
| Red Hat Ansible Automation Platform 2 | ansible-automation-platform-24/lightspeed-rhel8 | Will not fix |
| Red Hat Ansible Automation Platform 2 | ansible-automation-platform-25/ee-minimal-rhel8 | Will not fix |
| Red Hat Ansible Automation Platform 2 | ansible-automation-platform-25/ee-minimal-rhel9 | Will not fix |
| Red Hat Ansible Automation Platform 2 | ansible-automation-platform-25/lightspeed-chatbot-rhel8 | Will not fix |
| Red Hat Ansible Automation Platform 2 | ansible-automation-platform-25/lightspeed-rhel8 | Affected |
| Red Hat Ansible Automation Platform 2 | ansible-automation-platform-26/controller-rhel9 | Affected |
| Red Hat Ansible Automation Platform 2 | ansible-automation-platform-26/controller-rhel9-operator | Not affected |
| Red Hat Ansible Automation Platform 2 | ansible-automation-platform-26/eda-controller-rhel9-operator | Not affected |
| Red Hat Ansible Automation Platform 2 | ansible-automation-platform-26/gateway-rhel9 | Not affected |
| Red Hat Ansible Automation Platform 2 | ansible-automation-platform-26/gateway-rhel9-operator | Not affected |
| Red Hat Ansible Automation Platform 2 | ansible-automation-platform-26/hub-rhel9 | Not affected |
| Red Hat Ansible Automation Platform 2 | ansible-automation-platform-26/hub-rhel9-operator | Not affected |
| Red Hat Ansible Automation Platform 2 | ansible-automation-platform-26/lightspeed-chatbot-rhel9 | Affected |
| Red Hat Ansible Automation Platform 2 | ansible-automation-platform-26/lightspeed-rhel9 | Not affected |
| Red Hat Ansible Automation Platform 2 | ansible-automation-platform-26/lightspeed-rhel9-operator | Not affected |
| Red Hat Ansible Automation Platform 2 | ansible-automation-platform-26/platform-resource-rhel9-operator | Not affected |
| Red Hat Ansible Automation Platform 2 | python3.11-pyasn1 | Not affected |
| Red Hat Ansible Automation Platform 2 | python3.11-pyasn1-modules | Not affected |
| Red Hat Ansible Automation Platform 2 | python3.12-pyasn1-modules | Not affected |
| Red Hat Ansible Automation Platform 2 | python3x-pyasn1 | Not affected |
| Red Hat Enterprise Linux 6 | python-pyasn1 | Not affected |
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-kserve-agent-rhel9 | Not affected |
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-kserve-controller-rhel9 | Not affected |
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-kserve-router-rhel9 | Not affected |
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-llama-stack-core-rhel9 | Affected |
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-ml-pipelines-runtime-generic-rhel9 | Affected |
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-modelmesh-runtime-adapter-rhel8 | Not affected |
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9 | Affected |
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9 | Affected |
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9 | Affected |
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9 | Affected |
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9 | Affected |
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9 | Affected |
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9 | Affected |
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-trustyai-garak-lls-provider-dsp-rhel9 | Affected |
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-trustyai-nemo-guardrails-server-rhel9 | Affected |
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9 | Affected |
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9 | Affected |
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9 | Affected |
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9 | Affected |
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9 | Affected |
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9 | Affected |
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9 | Affected |
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9 | Affected |
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9 | Affected |
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9 | Affected |
| Red Hat OpenShift AI (RHOAI) | rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9 | Affected |
Apply commands
Apply RHSA-2026:13512 for Red Hat Ansible Automation Platform 2.5 for RHEL 8
yum update -y python3
# or:
dnf upgrade -y python3Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | Lightspeed Core | Affected |
| redhat | Lightspeed Core | Affected |
| redhat | Migration Toolkit for Containers | Affected |
| redhat | Migration Toolkit for Containers | Affected |
| redhat | Migration Toolkit for Virtualization | Affected |
| redhat | OpenShift Lightspeed | Affected |
| redhat | OpenShift Lightspeed | Affected |
| redhat | OpenShift Service Mesh 3 | Not affected |
| redhat | Red Hat AI Inference Server | Affected |
| redhat | Red Hat AI Inference Server | Affected |
| redhat | Red Hat Ansible Automation Platform 2 | Affected |
| redhat | Red Hat Ansible Automation Platform 2 | Affected |
| redhat | Red Hat Ansible Automation Platform 2 | Not affected |
| redhat | Red Hat Ansible Automation Platform 2 | Not affected |
| redhat | Red Hat Ansible Automation Platform 2 | Not affected |
| redhat | Red Hat Ansible Automation Platform 2 | Not affected |
| redhat | Red Hat Ansible Automation Platform 2 | Not affected |
| redhat | Red Hat Ansible Automation Platform 2 | Not affected |
| redhat | Red Hat Ansible Automation Platform 2 | Affected |
| redhat | Red Hat Ansible Automation Platform 2 | Not affected |
| redhat | Red Hat Ansible Automation Platform 2 | Not affected |
| redhat | Red Hat Ansible Automation Platform 2 | Not affected |
| redhat | Red Hat Ansible Automation Platform 2 | Not affected |
| redhat | Red Hat Ansible Automation Platform 2 | Not affected |
| redhat | Red Hat Ansible Automation Platform 2 | Not affected |
| redhat | Red Hat Ansible Automation Platform 2 | Not affected |
| redhat | Red Hat Enterprise Linux 6 | Not affected |
| redhat | Red Hat OpenShift AI (RHOAI) | Not affected |
| redhat | Red Hat OpenShift AI (RHOAI) | Not affected |
| redhat | Red Hat OpenShift AI (RHOAI) | Not affected |
OS impact
SUSE Affected 1 release
| Version | Status | Fixed in |
|---|---|---|
| β | Affected | β |
AlmaLinux Fixed 1 release
| Version | Status | Fixed in |
|---|---|---|
| 9 | Fixed | fence-agents-eaton-snmp-4.10.0-98.el9_7.5.noarch.rpm |
Debian Fixed 5 releases
| Version | Status | Fixed in |
|---|---|---|
| trixie | Fixed | 0.6.1-1+deb13u1 |
| sid | Fixed | 0.6.2-1 |
| forky | Fixed | 0.6.2-1 |
| bullseye | Fixed | 0.4.8-1+deb11u1 |
| bookworm | Fixed | 0.4.8-3+deb12u1 |
Red Hat Fixed 2 releases
| Version | Status | Fixed in |
|---|---|---|
| 9 | Fixed | β |
| 8 | Fixed | β |
Rocky Linux Fixed 2 releases
| Version | Status | Fixed in |
|---|---|---|
| 9 | Fixed | β |
| 8 | Fixed | β |
Package impact
| Ecosystem | Package | Vulnerable | Fixed |
|---|---|---|---|
| PyPI | pyasn1 | >=0.6.1,<0.6.2 | 0.6.2 |
References
- https://errata.rockylinux.org/RLSA-2026:4146
- https://errata.rockylinux.org/RLSA-2026:1904
- https://errata.rockylinux.org/RLSA-2026:1906
- https://github.com/pyasn1/pyasn1/security/advisories/GHSA-63vm-454h-vhhq
- https://nvd.nist.gov/vuln/detail/CVE-2026-23490
- https://github.com/pyasn1/pyasn1/commit/3908f144229eed4df24bd569d16e5991ace44970
- https://github.com/pyasn1/pyasn1/commit/be353d755f42ea36539b4f5053c652ddf56979a6
- https://github.com/pyasn1/pyasn1
- https://github.com/pyasn1/pyasn1/blob/0f07d7242a78ab4d129b26256d7474f7168cf536/pyasn1/codec/ber/decoder.py#L496
- https://github.com/pyasn1/pyasn1/releases/tag/v0.6.2
- https://lists.debian.org/debian-lts-announce/2026/02/msg00002.html
- https://access.redhat.com/errata/RHSA-2026:1903
- https://access.redhat.com/errata/RHSA-2026:3359
- https://www.suse.com/security/cve/CVE-2026-23490.html
- https://errata.rockylinux.org/RLSA-2026:3359
- https://errata.rockylinux.org/RLSA-2026:1903
- https://security-tracker.debian.org/tracker/CVE-2026-23490
- https://access.redhat.com/errata/RHSA-2026:1906
- https://bugzilla.redhat.com/2430472
- https://errata.almalinux.org/8/ALSA-2026-1906.html
- https://access.redhat.com/errata/RHSA-2026:4146
- https://errata.almalinux.org/8/ALSA-2026-4146.html
- https://access.redhat.com/errata/RHSA-2026:1904
- https://errata.almalinux.org/8/ALSA-2026-1904.html
- https://errata.almalinux.org/9/ALSA-2026-1903.html
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.