vulnerability
Ubuntu: USN-7872-1 (CVE-2025-46705): Lasso vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Nov 5, 2025 | Nov 19, 2025 | Nov 20, 2025 |
Description
It was discovered that Lasso incorrectly handled certain malformed SAML
responses. A remote attacker could possibly use this issue to cause Lasso
to crash, resulting in a denial of service. (CVE-2025-46404)
It was discovered that Lasso incorrectly handled certain malformed SAML
assertion responses. A remote attacker could possibly use this issue to
cause Lasso to crash, resulting in a denial of service. (CVE-2025-46705)
It was discovered that Lasso incorrectly handled certain malformed SAML
responses. A remote attacker could possibly use this issue to cause Lasso
to consume memory, resulting in a denial of service. This issue only
affected Ubuntu 22.04 LTS. (CVE-2025-46784)
It was discovered that Lasso incorrectly handled certain malformed SAML
responses. A remote attacker could use this issue to cause Lasso to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2025-47151)
Solutions
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.