CVE-2025-46705

High CVSS: 7.5

A denial of service vulnerability exists in the g_assert_not_reached functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially crafted SAML assertion response can lead to a denial of service. An attacker can send a malformed SAML response to trigger this vulnerability.

Vendor

Entrouvert

Product

Lasso

CWE

CWE-617

Yayın Tarihi

2025-11-05 15:15:38

Güncelleme

2025-11-07 20:02:36

Source Identifier

talos-cna@cisco.com

KEV Date Added

Kategoriler

CWE-617 Lasso HIGH Entrouvert 2025

Referanslar

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2196 https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2196

Benzer Kayıtlar

High

CVE-2025-46784

A denial of service vulnerability exists in the lasso_node_init_from_message_with_format functionality of Entr'ouver…

Critical

CVE-2025-47151

A type confusion vulnerability exists in the lasso_node_impl_init_from_xml functionality of Entr'ouvert Lasso 2.5.1…

High

CVE-2025-46404

A denial of service vulnerability exists in the lasso_provider_verify_saml_signature functionality of Entr'ouvert La…