USN-8134-1: pyasn1 vulnerabilities
Two vulnerabilities in the pyasn1 library can lead to denial of service by exhausting system resources when decoding malformed or maliciously crafted certificates. These issues arise from uncontrolled recursion during decoding attempts. The affected versions include specific Ubuntu package versions of pyasn1. No CVSS score is provided, and no known exploits are reported in the wild.
AI Analysis
Technical Summary
The pyasn1 library contains vulnerabilities (CVE-2026-23490 and CVE-2026-30922) that allow an attacker to cause a denial of service by exhausting system resources. This occurs due to uncontrolled recursion when decoding malformed or maliciously crafted certificates. The vulnerabilities affect multiple specific Ubuntu package versions of pyasn1. There is no information about available patches or fixes in the provided data.
Potential Impact
An attacker could exploit these vulnerabilities to cause denial of service by exhausting system resources on systems using the affected pyasn1 versions. This could disrupt normal operations of applications relying on pyasn1 for certificate decoding.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until a fix is available, consider restricting or validating inputs to pyasn1 decoding functions to prevent processing of malformed certificates.
USN-8134-1: pyasn1 vulnerabilities
Description
Two vulnerabilities in the pyasn1 library can lead to denial of service by exhausting system resources when decoding malformed or maliciously crafted certificates. These issues arise from uncontrolled recursion during decoding attempts. The affected versions include specific Ubuntu package versions of pyasn1. No CVSS score is provided, and no known exploits are reported in the wild.
Affected software
pkg:deb/ubuntu/[email protected]+esm1?arch=source&distro=esm-infra-legacy/trustypkg:deb/ubuntu/[email protected]~esm1?arch=source&distro=esm-infra/xenialpkg:deb/ubuntu/[email protected]~esm1?arch=source&distro=esm-infra/bionicpkg:deb/ubuntu/[email protected]~esm1?arch=source&distro=esm-infra/focalRun on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The pyasn1 library contains vulnerabilities (CVE-2026-23490 and CVE-2026-30922) that allow an attacker to cause a denial of service by exhausting system resources. This occurs due to uncontrolled recursion when decoding malformed or maliciously crafted certificates. The vulnerabilities affect multiple specific Ubuntu package versions of pyasn1. There is no information about available patches or fixes in the provided data.
Potential Impact
An attacker could exploit these vulnerabilities to cause denial of service by exhausting system resources on systems using the affected pyasn1 versions. This could disrupt normal operations of applications relying on pyasn1 for certificate decoding.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until a fix is available, consider restricting or validating inputs to pyasn1 decoding functions to prevent processing of malformed certificates.
Technical Details
- Gcve Source
- db.gcve.eu
- Osv Id
- USN-8134-1
- Osv Schema Version
- 1.7.0
- Aliases
- []
- Ecosystems
- ["Ubuntu:Pro:14.04:LTS","Ubuntu:Pro:16.04:LTS","Ubuntu:Pro:18.04:LTS","Ubuntu:Pro:20.04:LTS"]
- Database Specific Severity
- null
- Cvss Version
- null
Threat ID: 6a58b51468715ace43db379a
Added to database: 07/16/2026, 10:40:20 UTC
Last enriched: 07/16/2026, 14:26:47 UTC
Last updated: 07/17/2026, 02:36:52 UTC
Views: 5
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.