MiracleLinux 8 : lasso-2.6.0-12.el8 (AXSA:2021-2745:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2745:02 advisory. lasso: XML signature wrapping vulnerability when parsing SAML responses CVE-2021-28091 Tenable has extracted the preceding description block directly from th...

MiracleLinux 7 : lasso-2.5.1-8.0.1.el7.AXS7 (AXSA:2021-2283:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2283:01 advisory. lasso: XML signature wrapping vulnerability when parsing SAML responses CVE-2021-28091 Tenable has extracted the preceding description block directly from th...

openSUSE 16 Security Update : lasso (openSUSE-SU-2025-20083-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025-20083-1 advisory. - CVE-2025-46404: specially crafted SAML response can lead to a denial of service bsc1253092. - CVE-2025-46705: specially crafted SAML assertion...

Oracle Linux 9 : lasso (ELSA-2025-21462)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-21462 advisory. - 2.7.0-11.3 - Fix CVE-2025-47151 lasso: Type confusion in Entr'ouvert Lasso Resolves: RHEL-126684 Tenable has extracted the preceding description block direct...

RockyLinux 9 : lasso (RLSA-2025:21462)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:21462 advisory. lasso: Type confusion in Entr'ouvert Lasso CVE-2025-47151 Tenable has extracted the preceding description block directly from the RockyLinux security advisory...

Oracle Linux 8 : lasso (ELSA-2025-21628)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-21628 advisory. 2.6.0-14 - Fixing CVE-2025-47151 Resolves: RHEL-126687 CVE-2025-47151 lasso: Type confusion in Entr'ouvert Lasso Tenable has extracted the preceding descriptio...

RockyLinux 8 : lasso (RLSA-2025:21628)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:21628 advisory. lasso: Type confusion in Entr'ouvert Lasso CVE-2025-47151 Tenable has extracted the preceding description block directly from the RockyLinux security advisory...

AlmaLinux 8 : lasso (ALSA-2025:21628)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:21628 advisory. lasso: Type confusion in Entr'ouvert Lasso CVE-2025-47151 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Not...

lasso: Type confusion in Entr'ouvert Lasso

A type confusion vulnerability exists in the lassonodeimplinitfromxml functionality of Entr'ouvert Lasso 2.8.2 and prior. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability...

lasso: Type confusion in Entr'ouvert Lasso

A type confusion vulnerability exists in the lassonodeimplinitfromxml functionality of Entr'ouvert Lasso 2.8.2 and prior. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability...

lasso: Type confusion in Entr'ouvert Lasso

A type confusion vulnerability exists in the lassonodeimplinitfromxml functionality of Entr'ouvert Lasso 2.8.2 and prior. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability...

lasso: Type confusion in Entr'ouvert Lasso

A type confusion vulnerability exists in the lassonodeimplinitfromxml functionality of Entr'ouvert Lasso 2.8.2 and prior. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability...

SUSE CVE-2025-46404

A denial of service vulnerability exists in the lassoproviderverifysamlsignature functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a denial of service. An attacker can send a malformed SAML response to trigger this vulnerability...

CVE-2025-46784

A denial of service vulnerability exists in the lassonodeinitfrommessagewithformat functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a memory depletion, resulting in denial of service. An attacker can send a malformed SAML response to trigger this vulnerabili...

CVE-2025-46784

A denial of service vulnerability exists in the lassonodeinitfrommessagewithformat functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a memory depletion, resulting in denial of service. An attacker can send a malformed SAML response to trigger this vulnerabili...

Entrouvert Lasso 安全漏洞

Entrouvert Lasso is a single sign-on protocol implementation library open-sourced by Entrouvert France. A security vulnerability exists in Entrouvert Lasso versions 2.5.1 and 2.8.2, which stems from a flaw in the gassertnotreached function that could lead to a denial of service attack...

Linux Distros Unpatched Vulnerability : CVE-2025-47151

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A type confusion vulnerability exists in the lassonodeimplinitfromxml functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially crafted SAML response can...

EUVD-2015-1910

Malware in sbrugna...

EUVD-2009-0059

Malware in sbrugna...

TencentOS Server 3: lasso (TSSA-2022:0247)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0247 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...