Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Oracle linux
Oracle linuxadded 2025/11/19 12:0 a.m.3 views

lasso security update

2.6.0-14 - Fixing CVE-2025-47151 Resolves: RHEL-126687 CVE-2025-47151 lasso: Type confusion in Entr'ouvert Lasso...

9.8CVSS7.1AI score0.00173EPSS
Exploits1
OSV
OSVadded 2025/11/17 10:3 a.m.2 views

RHSA-2025:21401 Red Hat Security Advisory: lasso security update

Bulletin has no description...

9.8CVSS6.9AI score0.00173EPSS
Exploits1References9
OSV
OSVadded 2025/11/17 12:0 a.m.2 views

ALSA-2025:21628 Critical: lasso security update

The lasso packages provide the Lasso library that implements the Liberty Alliance Single Sign-On standards, including the SAML and SAML2 specifications. It allows handling of the whole life-cycle of SAML-based federations and provides bindings for multiple languages. Security Fixes: lasso: Type...

9.8CVSS6.6AI score0.00173EPSS
Exploits1References4
OSV
OSVadded 2025/11/14 12:38 p.m.1 views

OESA-2025-2664 lasso security update

The package is a implements the Liberty Alliance Single Sign On standards library, includeing the SAML2 and SAML specifications. it provides bindings for multiple languages.and allows to handle the whole life-cycle of SAML based Federations. Security Fixes: A denial of service vulnerability exist...

9.8CVSS7.6AI score0.00174EPSS
Exploits3References4
NVD
NVDadded 2025/11/05 3:15 p.m.3 views

CVE-2025-47151

A type confusion vulnerability exists in the lassonodeimplinitfromxml functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability...

9.8CVSS0.00173EPSS
Exploits1References2
Oracle linux
Oracle linuxadded 2021/11/16 12:0 a.m.34 views

lasso security and enhancement update

2.6.0-12 - Fix a dead code issue in the signature wrapping patch - Resolves: rhbz1951653 - CVE-2021-28091 lasso: XML signature wrapping vulnerability when parsing SAML responses rhel-8 2.6.0-11 - Bump release to force the package through OSCI as the previous build reached CI just in time for an...

7.5CVSS7.5AI score0.00639EPSS
Exploits0
Amazon
Amazonadded 2021/06/23 12:0 a.m.35 views

Important: lasso

Issue Overview: An XML Signature Wrapping XSW vulnerability was found in Lasso. This flaw allows an attacker to modify a valid SAML response to include an unsigned SAML assertion, which may be used to impersonate another valid user recognized by the service using Lasso. The highest threat from th...

7.5CVSS7.6AI score0.00639EPSS
Exploits0
NVD
NVDadded 2017/08/11 9:29 p.m.11 views

CVE-2015-1783

The prefix variable in the getordefinens function in Lasso before commit 6d854cef4211cdcdbc7446c978f23ab859847cdd allows remote attackers to cause a denial of service uninitialized memory access and application crash via unspecified vectors...

7.5CVSS7.3AI score0.01056EPSS
Exploits0References5
Rows per page
Query Builder