Product:

Lasso

(Entrouvert)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 3
Date Id Summary Products Score Patch Annotated
2021-06-04 CVE-2021-28091 Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature. Debian_linux, Lasso 7.5
2017-08-11 CVE-2015-1783 The prefix variable in the get_or_define_ns function in Lasso before commit 6d854cef4211cdcdbc7446c978f23ab859847cdd allows remote attackers to cause a denial of service (uninitialized memory access and application crash) via unspecified vectors. Lasso, Fedora 7.5
2009-01-07 CVE-2009-0050 Lasso 2.2.1 and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. Lasso N/A