Vulnerability Details CVE-2025-46404
A denial of service vulnerability exists in the lasso_provider_verify_saml_signature functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a denial of service. An attacker can send a malformed SAML response to trigger this vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.0%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2025-46404
-
cpe:2.3:a:entrouvert:lasso:2.5.1