Описание
ELSA-2025-21628: lasso security update (CRITICAL)
[2.6.0-14]
- Fixing CVE-2025-47151 Resolves: RHEL-126687 CVE-2025-47151 lasso: Type confusion in Entr'ouvert Lasso
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
lasso
2.6.0-14.el8_10
lasso-devel
2.6.0-14.el8_10
python3-lasso
2.6.0-14.el8_10
Oracle Linux x86_64
lasso
2.6.0-14.el8_10
lasso-devel
2.6.0-14.el8_10
python3-lasso
2.6.0-14.el8_10
Связанные CVE
Связанные уязвимости
A type confusion vulnerability exists in the lasso_node_impl_init_from_xml functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability.
A type confusion vulnerability exists in the lasso_node_impl_init_from_xml functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability.
A type confusion vulnerability exists in the lasso_node_impl_init_from ...
