VYPR

rpm package

almalinux/python3-lasso

pkg:rpm/almalinux/python3-lasso

Vulnerabilities (1)

  • CVE-2025-47151Nov 5, 2025
    affected < 2.7.0-11.el9_7.3fixed 2.7.0-11.el9_7.3

    A type confusion vulnerability exists in the lasso_node_impl_init_from_xml functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerabili