Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.5
Python pyasn1 Library Allows Remote Code Execution
RHSA-2026:3354
Summary
A security update is available for the Python pyasn1 library, which is used by multiple applications. This update fixes a vulnerability that could allow an attacker to execute malicious code on a vulnerable system. Businesses should update their systems to the latest version of the library to prevent potential security risks.
What to do
- Update redhat python-pyasn1 to version 0:0.6.2-1.el10_1.
- Update redhat python3-pyasn1 to version 0:0.6.2-1.el10_1.
- Update redhat python3-pyasn1-modules to version 0:0.6.2-1.el10_1.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| redhat | python-pyasn1 | <= 0:0.6.2-1.el10_1 | 0:0.6.2-1.el10_1 |
| redhat | python3-pyasn1 | <= 0:0.6.2-1.el10_1 | 0:0.6.2-1.el10_1 |
| redhat | python3-pyasn1-modules | <= 0:0.6.2-1.el10_1 | 0:0.6.2-1.el10_1 |
Original title
Red Hat Security Advisory: python-pyasn1 security update
osv CVSS3.1
7.5
- https://access.redhat.com/errata/RHSA-2026:3354 Vendor Advisory
- https://access.redhat.com/security/updates/classification/#important Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2430472 Third Party Advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_3354.j... Vendor Advisory
- https://access.redhat.com/security/cve/CVE-2026-23490 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-23490 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-23490 Vendor Advisory
- https://github.com/pyasn1/pyasn1/commit/3908f144229eed4df24bd569d16e5991ace44970 Third Party Advisory
- https://github.com/pyasn1/pyasn1/releases/tag/v0.6.2 Third Party Advisory
- https://github.com/pyasn1/pyasn1/security/advisories/GHSA-63vm-454h-vhhq Third Party Advisory
Published: 26 Feb 2026 · Updated: 13 Mar 2026 · First seen: 10 Mar 2026