Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-47151

Опубликовано: 05 нояб. 2025
Источник: nvd
CVSS3: 9.8
EPSS Низкий

Описание

A type confusion vulnerability exists in the lasso_node_impl_init_from_xml functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:entrouvert:lasso:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:entrouvert:lasso:2.8.2:*:*:*:*:*:*:*

EPSS

Процентиль: 33%
0.00132
Низкий

9.8 Critical

CVSS3

Дефекты

CWE-843

Связанные уязвимости

ubuntu логотип

CVE-2025-47151

CVSS3: 9.8
ubuntu
3 месяца назад

A type confusion vulnerability exists in the lasso_node_impl_init_from_xml functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability.

debian логотип

CVE-2025-47151

CVSS3: 9.8
debian
3 месяца назад

A type confusion vulnerability exists in the lasso_node_impl_init_from ...

rocky логотип

RLSA-2025:21628

rocky
3 месяца назад

Critical: lasso security update

rocky логотип

RLSA-2025:21462

rocky
3 месяца назад

Critical: lasso security update

github логотип

GHSA-j9px-r24r-fm3p

CVSS3: 9.6
github
3 месяца назад

A type confusion vulnerability exists in the lasso_node_impl_init_from_xml functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability.

EPSS

Процентиль: 33%
0.00132
Низкий

9.8 Critical

CVSS3

Дефекты

CWE-843