MiracleLinux 9 : lasso-2.7.0-11.el9.3 (AXSA:2025-11104:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11104:02 advisory. lasso: Type confusion in Entr'ouvert Lasso CVE-2025-47151 Tenable has extracted the preceding description block directly from the MiracleLinux security...

Oracle Linux 7 : lasso (ELSA-2025-21404)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-21404 advisory. 2.5.1-8.0.1 - Fixes CVE-2025-47151 lasso: Type confusion in Entr'ouvert Lasso Orabug: 38658691 Tenable has extracted the preceding description block directly...

lasso security update

2.5.1-8.0.1 - Fixes CVE-2025-47151 lasso: Type confusion in Entr'ouvert Lasso Orabug: 38658691...

Dell ControlVault, Lasso, GL.iNet vulnerabilities

Cisco Talos' Vulnerability Discovery & Research team recently disclosed five vulnerabilities in Dell ControlVault 3 firmware and its associated Windows software, four vulnerabilities in Entr'ouvert Lasso, and one vulnerability in GL.iNet Slate AX. The vulnerabilities mentioned in this blog post...

Oracle Linux 9 : lasso (ELSA-2025-21462)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-21462 advisory. - 2.7.0-11.3 - Fix CVE-2025-47151 lasso: Type confusion in Entr'ouvert Lasso Resolves: RHEL-126684 Tenable has extracted the preceding description block direct...

lasso security update

2.7.0-11.3 - Fix CVE-2025-47151 lasso: Type confusion in Entr'ouvert Lasso Resolves: RHEL-126684...

RockyLinux 9 : lasso (RLSA-2025:21462)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:21462 advisory. lasso: Type confusion in Entr'ouvert Lasso CVE-2025-47151 Tenable has extracted the preceding description block directly from the RockyLinux security advisory...

RLSA-2025:21462 Critical: lasso security update

The lasso packages provide the Lasso library that implements the Liberty Alliance Single Sign-On standards, including the SAML and SAML2 specifications. It allows handling of the whole life-cycle of SAML-based federations and provides bindings for multiple languages. Security Fixes: lasso: Type...

AlmaLinux 8 : lasso (ALSA-2025:21628)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:21628 advisory. lasso: Type confusion in Entr'ouvert Lasso CVE-2025-47151 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Not...

lasso security update

2.6.0-14 - Fixing CVE-2025-47151 Resolves: RHEL-126687 CVE-2025-47151 lasso: Type confusion in Entr'ouvert Lasso...

RLSA-2025:21628 Critical: lasso security update

The lasso packages provide the Lasso library that implements the Liberty Alliance Single Sign-On standards, including the SAML and SAML2 specifications. It allows handling of the whole life-cycle of SAML-based federations and provides bindings for multiple languages. Security Fixes: lasso: Type...

lasso: Type confusion in Entr'ouvert Lasso

A type confusion vulnerability exists in the lassonodeimplinitfromxml functionality of Entr'ouvert Lasso 2.8.2 and prior. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability...

lasso: Type confusion in Entr'ouvert Lasso

A type confusion vulnerability exists in the lassonodeimplinitfromxml functionality of Entr'ouvert Lasso 2.8.2 and prior. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability...

lasso: Type confusion in Entr'ouvert Lasso

A type confusion vulnerability exists in the lassonodeimplinitfromxml functionality of Entr'ouvert Lasso 2.8.2 and prior. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability...

Critical: Red Hat Security Advisory: lasso security update

An update for lasso is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System...

lasso: Type confusion in Entr'ouvert Lasso

A type confusion vulnerability exists in the lassonodeimplinitfromxml functionality of Entr'ouvert Lasso 2.8.2 and prior. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability...

lasso: Type confusion in Entr'ouvert Lasso

A type confusion vulnerability exists in the lassonodeimplinitfromxml functionality of Entr'ouvert Lasso 2.8.2 and prior. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability...

lasso: Type confusion in Entr'ouvert Lasso

A type confusion vulnerability exists in the lassonodeimplinitfromxml functionality of Entr'ouvert Lasso 2.8.2 and prior. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability...

lasso: Type confusion in Entr'ouvert Lasso

A type confusion vulnerability exists in the lassonodeimplinitfromxml functionality of Entr'ouvert Lasso 2.8.2 and prior. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability...

RHEL 9 : lasso (RHSA-2025:21405)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:21405 advisory. The lasso packages provide the Lasso library that implements the Liberty Alliance Single Sign-On standards, including the SAML and SAML2...