The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the `pyasn1` library is vulnerable to a     Denial of Service (DoS) attack caused by uncontrolled recursion when decoding ASN.1 data with deeply     nested structures. An attacker can supply a crafted payload containing thousands of nested `SEQUENCE`     (`0x30`) or `SET` (`0x31`) tags with Indefinite Length (`0x80`) markers. This forces the decoder to     recursively call itself until the Python interpreter crashes with a `RecursionError` or consumes all     available memory (OOM), crashing the host application. This is a distinct vulnerability from     CVE-2026-23490 (which addressed integer overflows in OID decoding). The fix for CVE-2026-23490     (`MAX_OID_ARC_CONTINUATION_OCTETS`) does not mitigate this recursion issue. Version 0.6.3 fixes this     specific issue. (CVE-2026-30922)

Note that Nessus relies on the presence of the package as reported by the vendor.

Detections

Analytics

Linux Distros Unpatched Vulnerability : CVE-2026-30922

high Nessus Plugin ID 302886

Version 1.9

Version 1.8

Version 1.7

Version 1.6

Version 1.5

Version 1.4

Version 1.3

Version 1.1

Version 1.9 Apr 5, 2026, 3:14 PM Detection (updated detection logic) Plugin metadata Plugin Feed: 202604051514
Version 1.8 Apr 1, 2026, 10:26 AM Plugin metadata Plugin Feed: 202604011026
Version 1.7 Apr 1, 2026, 3:37 AM Plugin metadata Detection (updated detection logic) Plugin Feed: 202604010337
Version 1.6 Mar 31, 2026, 4:03 AM Detection (updated detection logic) Plugin metadata Plugin Feed: 202603310403
Version 1.5 Mar 23, 2026, 8:09 PM Detection (updated detection logic) Plugin metadata Plugin Feed: 202603232009
Version 1.4 Mar 23, 2026, 11:56 AM CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:U/RC:C") Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Exploit attributes ("Exploit available" set to "True") CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:U/RC:C") Plugin Feed: 202603231156
Version 1.3 Mar 19, 2026, 12:10 PM Detection (updated detection logic) Plugin metadata Plugin Feed: 202603191210
Version 1.1 Mar 18, 2026, 7:26 PM New Plugin Feed: 202603181926