CNNVD-202511-418 Information

CNNVD ID

CNNVD-202511-418

Related CVE

CVE-2025-46705

• CNNVD Published: 2025-11-05

Description (Chinese)

Entrouvert Lasso是法国Entrouvert开源的一个单点登录协议实现库。 Entrouvert Lasso 2.5.1版本和2.8.2版本存在安全漏洞，该漏洞源于g_assert_not_reached功能存在缺陷，可能导致拒绝服务攻击。

Description (English)

Entrouvert Lasso is a single point-entry protocol realization bank for the open source Entrouvert in France. There is a security loophole in Entrouvert Lasso 2.5.1 and 2.8.2, which stems from deficiencies in g assert not reached ’ s functionality, which may lead to a denial of service attack.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Entrouvert

Published

2025-11-05

Last Modified

2026-02-24

References

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2196 https://vigilance.fr/vulnerability/Lasso-denial-of-service-via-g-assert-not-reached-48744

Patch

https://lasso.entrouvert.org/