2 matches found
CVE-2025-46705 affecting package lasso for versions less than 2.9.0-1
CVE-2025-46705 affecting package lasso for versions less than 2.9.0-1. An upgraded version of the package is available that resolves this issue...
AZL-69847 CVE-2025-46784 affecting package lasso for versions less than 2.9.0-1
A denial of service vulnerability exists in the lassonodeinitfrommessagewithformat functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a memory depletion, resulting in denial of service. An attacker can send a malformed SAML response to trigger this vulnerabili...