Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-46404

Опубликовано: 05 нояб. 2025
Источник: debian

Описание

A denial of service vulnerability exists in the lasso_provider_verify_saml_signature functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a denial of service. An attacker can send a malformed SAML response to trigger this vulnerability.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
lassofixed2.9.0-1package

Примечания

  • https://talosintelligence.com/vulnerability_reports/TALOS-2025-2194

  • https://git.entrouvert.org/lasso.git/commit/?id=c880cad13732bcb50cbd9fa376ea39edb53e7d68 (v2.9.0)

Связанные уязвимости

ubuntu логотип

CVE-2025-46404

CVSS3: 7.5
ubuntu
3 месяца назад

A denial of service vulnerability exists in the lasso_provider_verify_saml_signature functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a denial of service. An attacker can send a malformed SAML response to trigger this vulnerability.

nvd логотип

CVE-2025-46404

CVSS3: 7.5
nvd
3 месяца назад

A denial of service vulnerability exists in the lasso_provider_verify_saml_signature functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a denial of service. An attacker can send a malformed SAML response to trigger this vulnerability.

github логотип

GHSA-2vvf-4m7q-pvpx

CVSS3: 9.6
github
3 месяца назад

A denial of service vulnerability exists in the lasso_provider_verify_saml_signature functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a denial of service. An attacker can send a malformed SAML response to trigger this vulnerability.

suse-cvrf логотип

openSUSE-SU-2025:20083-1

suse-cvrf
2 месяца назад

Security update for lasso

suse-cvrf логотип

SUSE-SU-2025:4068-1

suse-cvrf
3 месяца назад

Security update for lasso