RSS   Podatności dla 'Ruby-openid'   RSS

2013-12-12
 
CVE-2013-1812

CWE-399
 

 
The ruby-openid gem before 2.2.2 for Ruby allows remote OpenID providers to cause a denial of service (CPU consumption) via (1) a large XRDS document or (2) an XML Entity Expansion (XEE) attack.

 

 >>> Vendor: Janrain 4 Produkty
Janrain engage module
Php-openid
RPX
Ruby-openid


Copyright 2024, cxsecurity.com

 

Back to Top