CVE-2025-47151: 
NixOS vulnerability analysis and mitigation

A type confusion vulnerability (CVE-2025-47151) was discovered in the lassonodeimplinitfromxml functionality of Entr'ouvert Lasso versions 2.5.1 and 2.8.2. The vulnerability was discovered by Keane O'Kelley and another member of Cisco Advanced Security Initiative Group, with initial vendor contact made on May 13, 2025, and public disclosure on November 5, 2025. The affected software, Lasso SAML Library, is an open-source implementation of the Security Assertion Markup Language (SAML) standard used for enabling single sign-on (SSO) functionality across web applications ([Talos](https://talosintelligence.com/vulnerabilityreports/TALOS-2025-2193)).

The vulnerability exists in the SAML response parsing mechanism where lassonodeimplinitfromxml triggers a set of function calls resulting in ghashtableinsert being called with an attacker-controlled string instead of the expected GHashTable* value. The issue is classified as CWE-843 (Access of Resource Using Incompatible Type). The vulnerability has received a CVSS v3.1 base score of 9.8 (Critical) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating high severity across confidentiality, integrity, and availability impacts (Talos).

Successful exploitation of this vulnerability can lead to arbitrary code execution. The critical CVSS score of 9.8 indicates severe potential impacts, with high risks to confidentiality, integrity, and availability of affected systems. The vulnerability requires no privileges or user interaction and can be exploited remotely (Talos).

A patch was released by the vendor on August 12, 2025. Users should upgrade to Lasso version 2.9.0 or later, which contains fixes for this vulnerability. The issue has been addressed in the latest release as confirmed by the Debian security tracker (Debian).