A denial of service vulnerability exists in the lasso_provider_verify_saml_signature functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a denial of service. An attacker can send a malformed SAML response to trigger this vulnerability.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HEntrouvert Lasso
APPEntrouvert2.5.1
Related vulnerabilities
Type confusion w Entrouvert Lasso — RCE przez złośliwą odpowiedź SAML
A denial of service vulnerability exists in the g_assert_not_reached functionality of Entr'ouvert Lasso 2....
A denial of service vulnerability exists in the lasso_node_init_from_message_with_format functionality of Entr...
Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature.
The prefix variable in the get_or_define_ns function in Lasso before commit 6d854cef4211cdcdbc7446c978f23ab859...