CVE-2025-46705

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Entr’ouvert Lasso versions 2.5.1 and 2.8.2

Description A denial of service issue exists in the g assert not reached functionality. A specially crafted SAML assertion response can cause a denial of service. An attacker can trigger this by sending a malformed SAML response.

Recommendations Update to a newer version of Entr’ouvert Lasso that addresses this issue.

Exploit

Fix

DoS

RCE

Assertion Failure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-617

Related Identifiers

AZL-69844

AZL-69857

BDU:2026-05071

CVE-2025-46705

DLA-4397-1

DSA-6058-1

OESA-2025-2662

OESA-2025-2663

OESA-2025-2664

OESA-2025-2665

OESA-2025-2666

OPENSUSE-SU-2025:20083-1

SUSE-SU-2025:21140-1

SUSE-SU-2025:4068-1

SUSE-SU-2025:4090-1

SUSE-SU-2025:4094-1

USN-7872-1

Affected Products

Debian

Entr’Ouvert Lasso

Linuxmint

Suse

Ubuntu

CVE-2025-46705

Weakness Enumeration

Related Identifiers

Affected Products

References · 52