Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Lasso
(Entrouvert)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 3 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2021-06-04 | CVE-2021-28091 | Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature. | Debian_linux, Lasso, Fedora | 7.5 | ||
2017-08-11 | CVE-2015-1783 | The prefix variable in the get_or_define_ns function in Lasso before commit 6d854cef4211cdcdbc7446c978f23ab859847cdd allows remote attackers to cause a denial of service (uninitialized memory access and application crash) via unspecified vectors. | Lasso, Fedora | 7.5 | ||
2009-01-07 | CVE-2009-0050 | Lasso 2.2.1 and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. | Lasso | N/A |