pyasn1 Vulnerable to Denial of Service via Unbounded Recursion
Summary
pyasn1 Vulnerable to Denial of Service via Unbounded Recursion. Red Hat rates this important (CVSS 7.5). Weakness: CWE-835. Affected package(s): ansible-automation-platform, rhelai3/bootc-rocm-rhel9:1778666124, rhaiis/vllm-rocm-rhel9:1778244531, quay/quay-rhel8:1775169155, quay/quay-rhel8:1775253092, fence-agents. Resolved in Red Hat advisory RHSA-2026:13508 — update the affected packages (`sudo dnf update`).
- ansible-automation-platform-26/lightspeed-chatbot-rhel9:1774417022
- rhelai3/bootc-rocm-rhel9:1778666124
- rhaiis/vllm-rocm-rhel9:1778244531
- ansible-automation-platform-25/ee-supported-rhel8:1777398315
- ansible-automation-platform-26/lightspeed-rhel9:1777387242
- quay/quay-rhel8:1775169155
- quay/quay-rhel8:1775253092
- fence-agents-0:4.10.0-62.el9_4.25
- fence-agents-0:4.10.0-98.el9_7.13
- rhelai3/bootc-azure-rocm-rhel9:1778677745
- ansible-automation-platform-26/eda-controller-rhel9:1777296732
- resource-agents-0:4.9.0-40.el8_8.19
Official advisory · high-confidence parse· fetched 6 hours ago·verify at source
- RHSA-2026:13508
Official advisory · high-confidence parse· fetched 6 hours ago·verify at source
Mitigation checklist
- Update the affected package(s) to the fixed version shipped in RHSA-2026:13508 (`sudo dnf update` / `yum update`).
Official advisory · high-confidence parse· fetched 6 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.