CVE-2013-1812 – Gentoo Linux Security Advisory 201405-14

https://notcve.org/view.php?id=CVE-2013-1812

12 Dec 2013 — The ruby-openid gem before 2.2.2 for Ruby allows remote OpenID providers to cause a denial of service (CPU consumption) via (1) a large XRDS document or (2) an XML Entity Expansion (XEE) attack. El gem de ruby-openid anterior a la versión 2.2.2 para Ruby permite a proveedores de OpenID remotos provocar una denegación de servicio (consumo de CPU) a través de (1) un documento XRDS grande o (2) un ataque de XML Entity Expansion (XEE). A vulnerability in Ruby OpenID may lead to Denial of Service. Versions less ... • http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120204.html • CWE-399: Resource Management Errors •