Lucene search
K

35 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.5 views

MiracleLinux 7 : lasso-2.5.1-8.0.1.el7.AXS7 (AXSA:2021-2283:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2283:01 advisory. lasso: XML signature wrapping vulnerability when parsing SAML responses CVE-2021-28091 Tenable has extracted the preceding description block directly from th...

7.5CVSS5.5AI score0.01325EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2022/10/05 5:21 p.m.16 views

CVE-2021-28091 affecting package lasso for versions less than 2.8.0-1

CVE-2021-28091 affecting package lasso for versions less than 2.8.0-1. An upgraded version of the package is available that resolves this issue...

7.5CVSS7.6AI score0.01325EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/05/09 12:0 a.m.22 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : lasso Vulnerability (NS-SA-2022-0011)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has lasso packages installed that are affected by a vulnerability: - Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature. CVE-2021-28091 Note that Nessus has not tested for this issue but ha...

7.5CVSS7.3AI score0.01325EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/05/09 12:0 a.m.20 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : lasso Vulnerability (NS-SA-2022-0046)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has lasso packages installed that are affected by a vulnerability: - Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature. CVE-2021-28091 Note that Nessus has not tested for this issue but ha...

7.5CVSS7.3AI score0.01325EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.24 views

AlmaLinux 8 : lasso (ALSA-2021:4325)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:4325 advisory. - Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature. CVE-2021-28091 Note that Nessus has not tested for this issue but has...

7.5CVSS7.3AI score0.01325EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/11/11 12:0 a.m.35 views

RHEL 8 : lasso (RHSA-2021:4325)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4325 advisory. The lasso packages provide the Lasso library that implements the Liberty Alliance Single Sign-On standards, including the SAML and SAML2...

7.5CVSS7.3AI score0.01325EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2021/11/09 6:12 p.m.25 views

Moderate: Red Hat Security Advisory: lasso security and enhancement update

An update for lasso is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.5CVSS7.1AI score0.01325EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2021/11/09 9:1 a.m.27 views

Moderate: lasso security and enhancement update

The lasso packages provide the Lasso library that implements the Liberty Alliance Single Sign-On standards, including the SAML and SAML2 specifications. It allows handling of the whole life-cycle of SAML-based federations and provides bindings for multiple languages. Security Fixes: lasso: XML...

7.5CVSS7.5AI score0.01325EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/10/26 12:0 a.m.18 views

Huawei EulerOS: Security Advisory for lasso (EulerOS-SA-2021-2589)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.01325EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/10/25 12:0 a.m.31 views

EulerOS 2.0 SP3 : lasso (EulerOS-SA-2021-2589)

According to the versions of the lasso packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature. CVE-2021-28091 Note that Tenable Network Security has...

7.5CVSS7.3AI score0.01325EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/09/24 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for lasso (EulerOS-SA-2021-2467)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.01325EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/09/15 12:0 a.m.15 views

Huawei EulerOS: Security Advisory for lasso (EulerOS-SA-2021-2393)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.01325EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/09/09 12:0 a.m.18 views

Amazon Linux AMI : lasso (ALAS-2021-1529)

The version of lasso installed on the remote host is prior to 2.5.1-8.6. It is, therefore, affected by a vulnerability as referenced in the ALAS-2021-1529 advisory. An XML Signature Wrapping XSW vulnerability was found in Lasso. This flaw allows an attacker to modify a valid SAML response to...

7.5CVSS7.2AI score0.01325EPSS
Exploits0References3
Amazon
Amazon
added 2021/09/08 12:0 a.m.29 views

Important: lasso

Issue Overview: An XML Signature Wrapping XSW vulnerability was found in Lasso. This flaw allows an attacker to modify a valid SAML response to include an unsigned SAML assertion, which may be used to impersonate another valid user recognized by the service using Lasso. The highest threat from th...

7.5CVSS7.6AI score0.01325EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/09/04 12:0 a.m.19 views

Huawei EulerOS: Security Advisory for lasso (EulerOS-SA-2021-2337)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.01325EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/08/04 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2021:2589-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.01325EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/08/03 12:0 a.m.25 views

Scientific Linux Security Update : lasso on SL7.x i686/x86_64 (2021:2989)

The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2021:2989-1 advisory. - lasso: XML signature wrapping vulnerability when parsing SAML responses CVE-2021-28091 Note that Nessus has not tested for this issue but has instead...

7.5CVSS7.3AI score0.01325EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/08/03 12:0 a.m.27 views

SUSE SLED12 / SLES12 Security Update : lasso (SUSE-SU-2021:2589-1)

The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2589-1 advisory. - CVE-2021-28091: Fixed XML signature wrapping vulnerability when parsing SAML responses. bsc1186768 Tenable has extracted the...

7.5CVSS7.2AI score0.01325EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/08/02 4:2 p.m.65 views

Important: Red Hat Security Advisory: lasso security update

An update for lasso is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.5CVSS7.1AI score0.01325EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2021/08/02 12:0 a.m.37 views

lasso security update

2.5.1-8 - Fix Coverity warning introduced by the previous patch - Related: 1963855 - CVE-2021-28091 lasso: XML signature wrapping vulnerability when parsing SAML responses 2.5.1-7 - Fix Coverity warning introduced by the previous patch - Related: 1963855 - CVE-2021-28091 lasso: XML signature...

7.5CVSS2.8AI score0.01325EPSS
Exploits0
Rows per page
Query Builder