Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-1812HistoryDec 12, 2013 - 6:55 p.m.
CVE-2013-1812
2013-12-1218:55:10
Debian Security Bug Tracker
security-tracker.debian.org
7
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.009 Low
EPSS
Percentile
82.7%
The ruby-openid gem before 2.2.2 for Ruby allows remote OpenID providers to cause a denial of service (CPU consumption) via (1) a large XRDS document or (2) an XML Entity Expansion (XEE) attack.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | ruby-openid | < 2.1.8debian-6 | ruby-openid_2.1.8debian-6_all.deb |
| Debian | 11 | all | ruby-openid | < 2.1.8debian-6 | ruby-openid_2.1.8debian-6_all.deb |
| Debian | 999 | all | ruby-openid | < 2.1.8debian-6 | ruby-openid_2.1.8debian-6_all.deb |
| Debian | 13 | all | ruby-openid | < 2.1.8debian-6 | ruby-openid_2.1.8debian-6_all.deb |
Related
cve
cve
CVE-2013-1812
2013-12-12 18:55:10
osv
osv
Denial of service in ruby-openid
2017-10-24 18:33:37
cvelist
cvelist
CVE-2013-1812
2013-12-12 18:00:00
nessus
nessus
GLSA-201405-14 : Ruby OpenID: Denial of Service
2014-05-19 00:00:00
Fedora 20 : rubygem-ruby-openid-2.3.0-3.fc20 (2013-20238)
2013-11-11 00:00:00
Fedora 19 : rubygem-ruby-openid-2.3.0-3.fc19 (2013-20260)
2013-11-08 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201405-14
2015-09-29 00:00:00
Fedora Update for rubygem-ruby-openid FEDORA-2013-20260
2013-11-08 00:00:00
Fedora Update for rubygem-ruby-openid FEDORA-2013-20260
2013-11-08 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: rubygem-ruby-openid-2.3.0-3.fc20
2013-11-10 06:09:33
[SECURITY] Fedora 19 Update: rubygem-ruby-openid-2.3.0-3.fc19
2013-11-08 04:31:28
gentoo
gentoo
Ruby OpenID: Denial of service
2014-05-17 00:00:00
github
github
Denial of service in ruby-openid
2017-10-24 18:33:37
ubuntucve
ubuntucve
CVE-2013-1812
2013-12-12 00:00:00
prion
prion
Design/Logic Flaw
2013-12-12 18:55:00
nvd
nvd
CVE-2013-1812
2013-12-12 18:55:10
rosalinux
rosalinux
Advisory ROSA-SA-2021-1966
2021-07-02 18:06:34
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.009 Low
EPSS
Percentile
82.7%
Related for DEBIANCVE:CVE-2013-1812