Intel

AIKIDO-2026-911927

pyasn1 is vulnerable to Denial of Service (DoS)

Denial of Service (DoS)CVE-2026-59886 Published 3 days ago

75

High Risk

This Affects:

PYTHONpyasn1
0.0.13 - 0.6.3
Fixed in 0.6.4
Are you affected? Scan for Free

TL;DR

The univ.Real type converts its mantissa, base, and exponent to a Python float using exact big-integer exponentiation. A BER/CER/DER-encoded REAL value only a few bytes long can carry a very large exponent, causing this computation to materialize an astronomically large integer. Any operation that triggers float conversion on such a decoded value, including prettyPrint(), str(), comparison, arithmetic, or float(), consumes excessive CPU and memory and hangs the process. The fix uses math.ldexp() for binary values and raises OverflowError for out-of-range decimal exponents without building huge intermediates.

Who does this affect?

You are affected if you are using a version that falls within the vulnerable range and your application converts, prints, compares, or does arithmetic on decoded ASN.1 REAL values from untrusted sources.

Background info

pyasn1 is vulnerable to Denial of Service (DoS) in versions 0.0.13 - 0.6.3.

How to fix this

Upgrade the pyasn1 library to the patch version.