Описание
ELSA-2025-21462: lasso security update (CRITICAL)
[ - 2.7.0-11.3]
- Fix CVE-2025-47151 lasso: Type confusion in Entr'ouvert Lasso Resolves: RHEL-126684
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
lasso
2.7.0-11.el9_7.3
lasso-devel
2.7.0-11.el9_7.3
python3-lasso
2.7.0-11.el9_7.3
Oracle Linux x86_64
lasso
2.7.0-11.el9_7.3
lasso-devel
2.7.0-11.el9_7.3
python3-lasso
2.7.0-11.el9_7.3
Связанные CVE
Связанные уязвимости
A type confusion vulnerability exists in the lasso_node_impl_init_from_xml functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability.
A type confusion vulnerability exists in the lasso_node_impl_init_from_xml functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability.
A type confusion vulnerability exists in the lasso_node_impl_init_from ...
