CVE-2025-46404 | Entr’ouvert Lasso 2.5.1 SAML Response lasso_provider_verify_saml_signature null pointer dereference (TALOS-2025-2194)

A vulnerability identified as problematic has been detected in Entr’ouvert Lasso 2.5.1. Affected by this issue is the function lasso_provider_verify_saml_signature of the component SAML Response Handler. The manipulation leads to null pointer dereference.

This vulnerability is uniquely identified as CVE-2025-46404. The attack is possible to be carried out remotely. No exploit exists.VulDB Recent EntriesRead More