Search CVE reports
1 – 3 of 3 results
CVE-2021-28091
Medium prioritySome fixes available 4 of 5
Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature.
1 affected package
lasso
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| lasso | Not affected | Not affected | Fixed | Fixed | Vulnerable |
CVE-2015-1783
Medium priorityThe prefix variable in the get_or_define_ns function in Lasso before commit 6d854cef4211cdcdbc7446c978f23ab859847cdd allows remote attackers to cause a denial of service (uninitialized memory access and application crash)...
1 affected package
lasso
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| lasso | — | — | — | Not affected | Not affected |
CVE-2009-0050
Medium priorityLasso 2.2.1 and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar...
1 affected package
lasso
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| lasso | — | — | — | — | — |