{ "threat_severity" : "Important", "public_date" : "2026-01-16T19:03:36Z", "bugzilla" : { "description" : "pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID", "id" : "2430472", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2430472" }, "cvss3" : { "cvss3_base_score" : "7.5", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status" : "verified" }, "cwe" : "CWE-770", "details" : [ "pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets. This vulnerability is fixed in 0.6.2.", "A flaw was found in pyasn1, a generic ASN.1 library for Python. A remote attacker could exploit this vulnerability by sending a specially crafted RELATIVE-OID with excessive continuation octets. This input validation vulnerability leads to memory exhaustion, resulting in a Denial of Service (DoS) for the affected system." ], "affected_release" : [ { "product_name" : "Red Hat Ansible Automation Platform 2.5 for RHEL 8", "release_date" : "2026-03-06T00:00:00Z", "advisory" : "RHSA-2026:3959", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2.5::el8", "package" : "automation-controller-0:4.6.26-1.el8ap" }, { "product_name" : "Red Hat Ansible Automation Platform 2.5 for RHEL 9", "release_date" : "2026-03-06T00:00:00Z", "advisory" : "RHSA-2026:3959", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2.5::el9", "package" : "automation-controller-0:4.6.26-1.el9ap" }, { "product_name" : "Red Hat Ansible Automation Platform 2.6 for RHEL 9", "release_date" : "2026-03-06T00:00:00Z", "advisory" : "RHSA-2026:3958", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2.6::el9", "package" : "automation-controller-0:4.7.9-1.el9ap" }, { "product_name" : "Red Hat Enterprise Linux 10", "release_date" : "2026-02-04T00:00:00Z", "advisory" : "RHSA-2026:1905", "cpe" : "cpe:/o:redhat:enterprise_linux:10.1", "package" : "fence-agents-0:4.16.0-13.el10_1.2" }, { "product_name" : "Red Hat Enterprise Linux 10", "release_date" : "2026-02-25T00:00:00Z", "advisory" : "RHSA-2026:3354", "cpe" : "cpe:/o:redhat:enterprise_linux:10.1", "package" : "python-pyasn1-0:0.6.2-1.el10_1" }, { "product_name" : "Red Hat Enterprise Linux 10.0 Extended Update Support", "release_date" : "2026-02-09T00:00:00Z", "advisory" : "RHSA-2026:2309", "cpe" : "cpe:/o:redhat:enterprise_linux_eus:10.0", "package" : "fence-agents-0:4.16.0-5.el10_0.8" }, { "product_name" : "Red Hat Enterprise Linux 10.0 Extended Update Support", "release_date" : "2026-03-10T00:00:00Z", "advisory" : "RHSA-2026:4138", "cpe" : "cpe:/o:redhat:enterprise_linux_eus:10.0", "package" : "python-pyasn1-0:0.6.2-1.el10_0.1" }, { "product_name" : "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "release_date" : "2026-02-16T00:00:00Z", "advisory" : "RHSA-2026:2758", "cpe" : "cpe:/a:redhat:rhel_extras_sap_els:7", "package" : "resource-agents-0:4.1.1-61.el7_9.23" }, { "product_name" : "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "release_date" : "2026-02-16T00:00:00Z", "advisory" : "RHSA-2026:2758", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "resource-agents-0:4.1.1-61.el7_9.23" }, { "product_name" : "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "release_date" : "2026-03-10T00:00:00Z", "advisory" : "RHSA-2026:4148", "cpe" : "cpe:/o:redhat:rhel_els:7", "package" : "python-pyasn1-0:0.1.9-7.el7_9.2" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2026-02-04T00:00:00Z", "advisory" : "RHSA-2026:1906", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "fence-agents-0:4.2.1-129.el8_10.21" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2026-03-10T00:00:00Z", "advisory" : "RHSA-2026:4146", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "python-pyasn1-0:0.3.7-6.el8_10.1" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2026-02-04T00:00:00Z", "advisory" : "RHSA-2026:1904", "cpe" : "cpe:/a:redhat:enterprise_linux:8::highavailability", "package" : "resource-agents-0:4.9.0-54.el8_10.28" }, { "product_name" : "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date" : "2026-03-10T00:00:00Z", "advisory" : "RHSA-2026:4145", "cpe" : "cpe:/a:redhat:rhel_aus:8.2", "package" : "python-pyasn1-0:0.3.7-6.el8_2.1" }, { "product_name" : "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date" : "2026-02-10T00:00:00Z", "advisory" : "RHSA-2026:2483", "cpe" : "cpe:/a:redhat:rhel_aus:8.4", "package" : "fence-agents-0:4.2.1-65.el8_4.27" }, { "product_name" : "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date" : "2026-03-10T00:00:00Z", "advisory" : "RHSA-2026:4147", "cpe" : "cpe:/a:redhat:rhel_aus:8.4", "package" : "python-pyasn1-0:0.3.7-6.el8_4.1" }, { "product_name" : "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date" : "2026-02-16T00:00:00Z", "advisory" : "RHSA-2026:2712", "cpe" : "cpe:/a:redhat:rhel_aus:8.4::highavailability", "package" : "resource-agents-0:4.1.1-90.el8_4.23" }, { "product_name" : "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On", "release_date" : "2026-02-10T00:00:00Z", "advisory" : "RHSA-2026:2483", "cpe" : "cpe:/a:redhat:rhel_eus_long_life:8.4", "package" : "fence-agents-0:4.2.1-65.el8_4.27" }, { "product_name" : "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On", "release_date" : "2026-03-10T00:00:00Z", "advisory" : "RHSA-2026:4147", "cpe" : "cpe:/a:redhat:rhel_eus_long_life:8.4", "package" : "python-pyasn1-0:0.3.7-6.el8_4.1" }, { "product_name" : "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On", "release_date" : "2026-02-16T00:00:00Z", "advisory" : "RHSA-2026:2712", "cpe" : "cpe:/a:redhat:rhel_eus_long_life:8.4::highavailability", "package" : "resource-agents-0:4.1.1-90.el8_4.23" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date" : "2026-02-10T00:00:00Z", "advisory" : "RHSA-2026:2486", "cpe" : "cpe:/a:redhat:rhel_aus:8.6", "package" : "fence-agents-0:4.2.1-89.el8_6.21" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date" : "2026-03-10T00:00:00Z", "advisory" : "RHSA-2026:4144", "cpe" : "cpe:/a:redhat:rhel_aus:8.6", "package" : "python-pyasn1-0:0.3.7-6.el8_6.1" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date" : "2026-02-10T00:00:00Z", "advisory" : "RHSA-2026:2486", "cpe" : "cpe:/a:redhat:rhel_tus:8.6", "package" : "fence-agents-0:4.2.1-89.el8_6.21" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date" : "2026-03-10T00:00:00Z", "advisory" : "RHSA-2026:4144", "cpe" : "cpe:/a:redhat:rhel_tus:8.6", "package" : "python-pyasn1-0:0.3.7-6.el8_6.1" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date" : "2026-02-10T00:00:00Z", "advisory" : "RHSA-2026:2453", "cpe" : "cpe:/a:redhat:rhel_tus:8.6::highavailability", "package" : "resource-agents-0:4.9.0-16.el8_6.20" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date" : "2026-02-10T00:00:00Z", "advisory" : "RHSA-2026:2486", "cpe" : "cpe:/a:redhat:rhel_e4s:8.6", "package" : "fence-agents-0:4.2.1-89.el8_6.21" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date" : "2026-03-10T00:00:00Z", "advisory" : "RHSA-2026:4144", "cpe" : "cpe:/a:redhat:rhel_e4s:8.6", "package" : "python-pyasn1-0:0.3.7-6.el8_6.1" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date" : "2026-02-10T00:00:00Z", "advisory" : "RHSA-2026:2453", "cpe" : "cpe:/a:redhat:rhel_e4s:8.6::highavailability", "package" : "resource-agents-0:4.9.0-16.el8_6.20" }, { "product_name" : "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "release_date" : "2026-02-09T00:00:00Z", "advisory" : "RHSA-2026:2221", "cpe" : "cpe:/a:redhat:rhel_tus:8.8", "package" : "fence-agents-0:4.2.1-112.el8_8.16" }, { "product_name" : "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "release_date" : "2026-03-10T00:00:00Z", "advisory" : "RHSA-2026:4139", "cpe" : "cpe:/a:redhat:rhel_tus:8.8", "package" : "python-pyasn1-0:0.3.7-6.el8_8.1" }, { "product_name" : "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "release_date" : "2026-02-10T00:00:00Z", "advisory" : "RHSA-2026:2460", "cpe" : "cpe:/a:redhat:rhel_tus:8.8::highavailability", "package" : "resource-agents-0:4.9.0-40.el8_8.16" }, { "product_name" : "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "release_date" : "2026-02-09T00:00:00Z", "advisory" : "RHSA-2026:2221", "cpe" : "cpe:/a:redhat:rhel_e4s:8.8", "package" : "fence-agents-0:4.2.1-112.el8_8.16" }, { "product_name" : "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "release_date" : "2026-03-10T00:00:00Z", "advisory" : "RHSA-2026:4139", "cpe" : "cpe:/a:redhat:rhel_e4s:8.8", "package" : "python-pyasn1-0:0.3.7-6.el8_8.1" }, { "product_name" : "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "release_date" : "2026-02-10T00:00:00Z", "advisory" : "RHSA-2026:2460", "cpe" : "cpe:/a:redhat:rhel_e4s:8.8::highavailability", "package" : "resource-agents-0:4.9.0-40.el8_8.16" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2026-02-04T00:00:00Z", "advisory" : "RHSA-2026:1903", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "fence-agents-0:4.10.0-98.el9_7.5" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2026-02-25T00:00:00Z", "advisory" : "RHSA-2026:3359", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "python-pyasn1-0:0.4.8-7.el9_7" }, { "product_name" : "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date" : "2026-02-09T00:00:00Z", "advisory" : "RHSA-2026:2303", "cpe" : "cpe:/a:redhat:rhel_e4s:9.0", "package" : "fence-agents-0:4.10.0-20.el9_0.28" }, { "product_name" : "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date" : "2026-03-10T00:00:00Z", "advisory" : "RHSA-2026:4140", "cpe" : "cpe:/a:redhat:rhel_e4s:9.0", "package" : "python-pyasn1-0:0.4.8-6.el9_0.1" }, { "product_name" : "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "release_date" : "2026-02-09T00:00:00Z", "advisory" : "RHSA-2026:2300", "cpe" : "cpe:/a:redhat:rhel_e4s:9.2", "package" : "fence-agents-0:4.10.0-43.el9_2.19" }, { "product_name" : "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "release_date" : "2026-03-10T00:00:00Z", "advisory" : "RHSA-2026:4142", "cpe" : "cpe:/a:redhat:rhel_e4s:9.2", "package" : "python-pyasn1-0:0.4.8-6.el9_2.1" }, { "product_name" : "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date" : "2026-02-09T00:00:00Z", "advisory" : "RHSA-2026:2302", "cpe" : "cpe:/a:redhat:rhel_eus:9.4", "package" : "fence-agents-0:4.10.0-62.el9_4.22" }, { "product_name" : "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date" : "2026-03-10T00:00:00Z", "advisory" : "RHSA-2026:4143", "cpe" : "cpe:/a:redhat:rhel_eus:9.4", "package" : "python-pyasn1-0:0.4.8-6.el9_4.1" }, { "product_name" : "Red Hat Enterprise Linux 9.6 Extended Update Support", "release_date" : "2026-02-09T00:00:00Z", "advisory" : "RHSA-2026:2299", "cpe" : "cpe:/a:redhat:rhel_eus:9.6", "package" : "fence-agents-0:4.10.0-86.el9_6.15" }, { "product_name" : "Red Hat Enterprise Linux 9.6 Extended Update Support", "release_date" : "2026-03-10T00:00:00Z", "advisory" : "RHSA-2026:4141", "cpe" : "cpe:/a:redhat:rhel_eus:9.6", "package" : "python-pyasn1-0:0.4.8-6.el9_6.1" }, { "product_name" : "Red Hat Ceph Storage 8", "release_date" : "2026-03-24T00:00:00Z", "advisory" : "RHSA-2026:5606", "cpe" : "cpe:/a:redhat:ceph_storage:8::el9", "package" : "rhceph/rhceph-8-rhel9:1774002867" }, { "product_name" : "Red Hat Update Infrastructure 5", "release_date" : "2026-03-18T00:00:00Z", "advisory" : "RHSA-2026:4943", "cpe" : "cpe:/a:redhat:rhui:5::el9", "package" : "rhui5/rhua-rhel9:1773670137" } ], "package_state" : [ { "product_name" : "Lightspeed Core", "fix_state" : "Affected", "package_name" : "lightspeed-core/dataverse-exporter-rhel9", "cpe" : "cpe:/a:redhat:lightspeed_core" }, { "product_name" : "Lightspeed Core", "fix_state" : "Affected", "package_name" : "lightspeed-core/lightspeed-stack-rhel9", "cpe" : "cpe:/a:redhat:lightspeed_core" }, { "product_name" : "Migration Toolkit for Containers", "fix_state" : "Affected", "package_name" : "rhmtc/openshift-migration-hook-runner-rhel8", "cpe" : "cpe:/a:redhat:rhmt:1" }, { "product_name" : "Migration Toolkit for Containers", "fix_state" : "Affected", "package_name" : "rhmtc/openshift-migration-rhel8-operator", "cpe" : "cpe:/a:redhat:rhmt:1" }, { "product_name" : "Migration Toolkit for Virtualization", "fix_state" : "Affected", "package_name" : "migration-toolkit-virtualization/mtv-rhel9-operator", "cpe" : "cpe:/a:redhat:migration_toolkit_virtualization:2" }, { "product_name" : "Migration Toolkit for Virtualization", "fix_state" : "Affected", "package_name" : "mtv-candidate/mtv-rhel9-operator", "cpe" : "cpe:/a:redhat:migration_toolkit_virtualization:2" }, { "product_name" : "OpenShift Lightspeed", "fix_state" : "Affected", "package_name" : "openshift-lightspeed/lightspeed-service-api-rhel9", "cpe" : "cpe:/a:redhat:openshift_lightspeed" }, { "product_name" : "OpenShift Lightspeed", "fix_state" : "Affected", "package_name" : "openshift-lightspeed/lightspeed-to-dataverse-exporter-rhel9", "cpe" : "cpe:/a:redhat:openshift_lightspeed" }, { "product_name" : "OpenShift Service Mesh 3", "fix_state" : "Not affected", "package_name" : "openshift-service-mesh/kiali-rhel9-operator", "cpe" : "cpe:/a:redhat:service_mesh:3" }, { "product_name" : "Red Hat AI Inference Server", "fix_state" : "Affected", "package_name" : "rhaiis/vllm-rocm-rhel9", "cpe" : "cpe:/a:redhat:ai_inference_server:3" }, { "product_name" : "Red Hat AI Inference Server", "fix_state" : "Affected", "package_name" : "rhaiis/vllm-tpu-rhel9", "cpe" : "cpe:/a:redhat:ai_inference_server:3" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Will not fix", "package_name" : "ansible-automation-platform-24/ee-minimal-rhel8", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Will not fix", "package_name" : "ansible-automation-platform-24/ee-minimal-rhel9", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Will not fix", "package_name" : "ansible-automation-platform-24/ee-supported-rhel8", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Will not fix", "package_name" : "ansible-automation-platform-24/ee-supported-rhel9", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Will not fix", "package_name" : "ansible-automation-platform-24/lightspeed-rhel8", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "ansible-automation-platform-24/platform-resource-runner-rhel8", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Will not fix", "package_name" : "ansible-automation-platform-25/ee-minimal-rhel8", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Will not fix", "package_name" : "ansible-automation-platform-25/ee-minimal-rhel9", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Affected", "package_name" : "ansible-automation-platform-25/ee-supported-rhel8", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Will not fix", "package_name" : "ansible-automation-platform-25/ee-supported-rhel9", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Will not fix", "package_name" : "ansible-automation-platform-25/lightspeed-chatbot-rhel8", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Affected", "package_name" : "ansible-automation-platform-25/lightspeed-rhel8", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Affected", "package_name" : "ansible-automation-platform-25/platform-resource-runner-rhel8", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Affected", "package_name" : "ansible-automation-platform-26/controller-rhel9", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "ansible-automation-platform-26/controller-rhel9-operator", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Affected", "package_name" : "ansible-automation-platform-26/eda-controller-rhel9", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "ansible-automation-platform-26/eda-controller-rhel9-operator", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Affected", "package_name" : "ansible-automation-platform-26/ee-supported-rhel9", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "ansible-automation-platform-26/gateway-rhel9", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "ansible-automation-platform-26/gateway-rhel9-operator", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Affected", "package_name" : "ansible-automation-platform-26/hub-rhel9", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "ansible-automation-platform-26/hub-rhel9-operator", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Affected", "package_name" : "ansible-automation-platform-26/lightspeed-chatbot-rhel9", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Affected", "package_name" : "ansible-automation-platform-26/lightspeed-rhel9", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "ansible-automation-platform-26/lightspeed-rhel9-operator", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "ansible-automation-platform-26/platform-resource-rhel9-operator", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "python3.11-pyasn1", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "python3.11-pyasn1-modules", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Affected", "package_name" : "python3.12-pyasn1", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "python3.12-pyasn1-modules", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "python3x-pyasn1", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Not affected", "package_name" : "python-pyasn1", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux AI (RHEL AI) 3", "fix_state" : "Affected", "package_name" : "rhelai3/bootc-azure-rocm-rhel9", "cpe" : "cpe:/a:redhat:enterprise_linux_ai:3" }, { "product_name" : "Red Hat Enterprise Linux AI (RHEL AI) 3", "fix_state" : "Affected", "package_name" : "rhelai3/bootc-rocm-rhel9", "cpe" : "cpe:/a:redhat:enterprise_linux_ai:3" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-feature-server-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-kserve-agent-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-kserve-controller-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-kserve-router-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-kserve-storage-initializer-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-llama-stack-core-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-mlflow-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-ml-pipelines-runtime-generic-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-modelmesh-runtime-adapter-rhel8", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-training-cuda128-torch29-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-trustyai-garak-lls-provider-dsp-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-trustyai-nemo-guardrails-server-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Affected", "package_name" : "rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Affected", "package_name" : "openshift4/ose-ansible-rhel9-operator", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Affected", "package_name" : "openshift4/ztp-site-generate-rhel8", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Affected", "package_name" : "python-pyasn1", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenStack Platform 16.2", "fix_state" : "Affected", "package_name" : "python-pyasn1", "cpe" : "cpe:/a:redhat:openstack:16.2" }, { "product_name" : "Red Hat OpenStack Platform 17.1", "fix_state" : "Affected", "package_name" : "python-pyasn1", "cpe" : "cpe:/a:redhat:openstack:17.1" }, { "product_name" : "Red Hat OpenStack Platform 18.0", "fix_state" : "Affected", "package_name" : "rhoso-operators/ee-openstack-ansible-ee-rhel9", "cpe" : "cpe:/a:redhat:openstack:18.0" }, { "product_name" : "Red Hat Quay 3", "fix_state" : "Affected", "package_name" : "quay/quay-rhel8", "cpe" : "cpe:/a:redhat:quay:3" }, { "product_name" : "Red Hat Quay 3", "fix_state" : "Affected", "package_name" : "quay/quay-rhel9", "cpe" : "cpe:/a:redhat:quay:3" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Affected", "package_name" : "python3.12-pyasn1", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Affected", "package_name" : "python3.12-pyasn1-modules", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Affected", "package_name" : "python-pyasn1", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Affected", "package_name" : "python-pyasn1-modules", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Affected", "package_name" : "satellite/iop-advisor-engine-rhel9", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Affected", "package_name" : "satellite/iop-insights-engine-rhel9", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Trusted Artifact Signer", "fix_state" : "Affected", "package_name" : "rhtas/model-transparency-rhel9", "cpe" : "cpe:/a:redhat:trusted_artifact_signer:1" }, { "product_name" : "Red Hat Trusted Artifact Signer", "fix_state" : "Affected", "package_name" : "rhtas/segment-reporting-rhel9", "cpe" : "cpe:/a:redhat:trusted_artifact_signer:1" }, { "product_name" : "Service Telemetry Framework 1.5", "fix_state" : "Affected", "package_name" : "stf/prometheus-webhook-snmp-rhel9", "cpe" : "cpe:/a:redhat:stf:1.5" }, { "product_name" : "Service Telemetry Framework 1.5", "fix_state" : "Affected", "package_name" : "stf/service-telemetry-rhel9-operator", "cpe" : "cpe:/a:redhat:stf:1.5" }, { "product_name" : "Service Telemetry Framework 1.5", "fix_state" : "Affected", "package_name" : "stf/smart-gateway-rhel9-operator", "cpe" : "cpe:/a:redhat:stf:1.5" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-23490\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-23490\nhttps://github.com/pyasn1/pyasn1/commit/3908f144229eed4df24bd569d16e5991ace44970\nhttps://github.com/pyasn1/pyasn1/releases/tag/v0.6.2\nhttps://github.com/pyasn1/pyasn1/security/advisories/GHSA-63vm-454h-vhhq" ], "name" : "CVE-2026-23490", "csaw" : false }