CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Janrain: >> Ruby-Openid Security Vulnerabilities

CVE-2013-1812

The ruby-openid gem before 2.2.2 for Ruby allows remote OpenID providers to cause a denial of service (CPU consumption) via (1) a large XRDS document or (2) an XML Entity Expansion (XEE) attack.

CVSS Score

4.3

EPSS Score

0.005

Published

2013-12-12

Page 1

Vulnerabilities

Vulnerable Software

Janrain: >> Ruby-Openid Security Vulnerabilities

Products

Pricing

Contact Us