USN-4974-1: Lasso vulnerability

USN-4974-1: Lasso vulnerability

It was discovered that Lasso did not properly verify that all
assertions in a SAML response were properly signed. An attacker
could possibly use this to impersonate users or otherwise bypass
access controls.
Source: USN-4974-1: Lasso vulnerability