CVE-2026-30922

Name of the Vulnerable Software and Affected Versions pyasn1 versions prior to 0.6.3

Description The pyasn1 library is susceptible to a Denial of Service (DoS) attack stemming from uncontrolled recursion when decoding ASN.1 data containing deeply nested structures. An attacker can craft a payload with numerous nested SEQUENCE (0x30) or SET (0x31) tags, utilizing "Indefinite Length" (0x80) markers. This forces the decoder into recursive calls, potentially leading to a RecursionError or complete memory exhaustion (OOM), ultimately causing the host application to crash. The issue arises from the decoder's recursive calls to decodeFun without depth limitations or tracking. Vulnerable code locations include indefLenValueDecoder, valueDecoder, and decodeComponentsSchemaless. A proof-of-concept (PoC) demonstrates the ability to crash the service with a relatively small payload, potentially impacting services that rely on pyasn1 for parsing untrusted ASN.1 data, such as LDAP, SNMP, Kerberos, and X.509 parsers.

Recommendations Versions prior to 0.6.3 should be updated to version 0.6.3 or later to address this issue.