Entrouvert: >> Lasso >> 2.4.0 Security Vulnerabilities
Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature.
CVSS Score
7.5
EPSS Score
0.004
Published
2021-06-04
The prefix variable in the get_or_define_ns function in Lasso before commit 6d854cef4211cdcdbc7446c978f23ab859847cdd allows remote attackers to cause a denial of service (uninitialized memory access and application crash) via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.011
Published
2017-08-11