Security Advisory

CVE-2025-47151

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-05 14:57:01

Last updated 2025-11-05 22:35:15

Assigner talos

State PUBLISHED

Description

A type confusion vulnerability exists in the lasso_node_impl_init_from_xml functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability.

← Browse all CVEs View on cve.org ↗