Lasso

4 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-47151 CRITICAL POC PATCH Act Now

A type confusion vulnerability exists in the lasso_node_impl_init_from_xml functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption RCE Lasso Redhat Suse
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-46784 HIGH POC PATCH This Month

A denial of service vulnerability exists in the lasso_node_init_from_message_with_format functionality of Entr'ouvert Lasso 2.5.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Lasso Redhat Suse
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-46705 HIGH POC PATCH This Month

A denial of service vulnerability exists in the g_assert_not_reached functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Lasso Redhat Suse
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-46404 HIGH POC PATCH This Month

A denial of service vulnerability exists in the lasso_provider_verify_saml_signature functionality of Entr'ouvert Lasso 2.5.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Lasso Redhat Suse
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-47151
EPSS 0% CVSS 9.8
CRITICAL POC PATCH Act Now

A type confusion vulnerability exists in the lasso_node_impl_init_from_xml functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption RCE Lasso +2
NVD
CVE-2025-46784
EPSS 0% CVSS 7.5
HIGH POC PATCH This Month

A denial of service vulnerability exists in the lasso_node_init_from_message_with_format functionality of Entr'ouvert Lasso 2.5.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Lasso Redhat +1
NVD
CVE-2025-46705
EPSS 0% CVSS 7.5
HIGH POC PATCH This Month

A denial of service vulnerability exists in the g_assert_not_reached functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Lasso Redhat +1
NVD
CVE-2025-46404
EPSS 0% CVSS 7.5
HIGH POC PATCH This Month

A denial of service vulnerability exists in the lasso_provider_verify_saml_signature functionality of Entr'ouvert Lasso 2.5.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Lasso +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy