2 matches found
Critical: lasso
Issue Overview: A denial of service vulnerability exists in the lassoproviderverifysamlsignature functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a denial of service. An attacker can send a malformed SAML response to trigger this vulnerability. CVE-2025-4640...
PT-2025-45108
Name of the Vulnerable Software and Affected Versions Entr’ouvert Lasso versions 2.5.1 and 2.8.2 Description A denial of service issue exists in the g assert not reached functionality. A specially crafted SAML assertion response can cause a denial of service. An attacker can trigger this by sendi...