Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-2vvf-4m7q-pvpx

Опубликовано: 05 нояб. 2025
Источник: github
Github: Не прошло ревью
CVSS3: 9.6

Описание

A denial of service vulnerability exists in the lasso_provider_verify_saml_signature functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a denial of service. An attacker can send a malformed SAML response to trigger this vulnerability.

A denial of service vulnerability exists in the lasso_provider_verify_saml_signature functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a denial of service. An attacker can send a malformed SAML response to trigger this vulnerability.

Ссылки

EPSS

Процентиль: 25%
0.00089
Низкий

9.6 Critical

CVSS3

CVE ID

CVE-2025-46404

Дефекты

CWE-476

Связанные уязвимости

ubuntu логотип

CVE-2025-46404

CVSS3: 7.5
ubuntu
3 месяца назад

A denial of service vulnerability exists in the lasso_provider_verify_saml_signature functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a denial of service. An attacker can send a malformed SAML response to trigger this vulnerability.

nvd логотип

CVE-2025-46404

CVSS3: 7.5
nvd
3 месяца назад

A denial of service vulnerability exists in the lasso_provider_verify_saml_signature functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a denial of service. An attacker can send a malformed SAML response to trigger this vulnerability.

debian логотип

CVE-2025-46404

CVSS3: 7.5
debian
3 месяца назад

A denial of service vulnerability exists in the lasso_provider_verify_ ...

suse-cvrf логотип

openSUSE-SU-2025:20083-1

suse-cvrf
2 месяца назад

Security update for lasso

suse-cvrf логотип

SUSE-SU-2025:4068-1

suse-cvrf
3 месяца назад

Security update for lasso

EPSS

Процентиль: 25%
0.00089
Низкий

9.6 Critical

CVSS3

CVE ID

CVE-2025-46404

Дефекты

CWE-476