Search for packages
| purl | pkg:gem/ruby-openid@2.2.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-32gk-8nfr-kub3
Aliases: CVE-2013-1812 GHSA-6c8p-qphv-668v |
DoS attack to RPs using large XRDS / too many XML entity expansion in XRDS. This security hole enable DoS attack to any RPs using ruby-openid gem. |
Affected by 1 other vulnerability. |
|
VCID-uhur-x9kh-t3hm
Aliases: CVE-2019-11027 GHSA-fqfj-cmh6-hj49 |
Remotely exploitable flaw Ruby OpenID (aka ruby-openid) has a remotely exploitable flaw. This library is used by Rails web applications to integrate with OpenID Providers. Severity can range from medium to critical, depending on how a web application developer chose to employ the ruby-openid library. Developers who based their OpenID integration heavily on the "example app" provided by the project are at highest risk. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-05-31T10:16:29.101294+00:00 | Ruby Importer | Affected by | VCID-32gk-8nfr-kub3 | https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby-openid/CVE-2013-1812.yml | 38.6.0 |
| 2026-05-31T09:57:17.429697+00:00 | GitLab Importer | Affected by | VCID-uhur-x9kh-t3hm | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/ruby-openid/CVE-2019-11027.yml | 38.6.0 |
| 2026-05-31T09:32:24.129268+00:00 | GitLab Importer | Affected by | VCID-32gk-8nfr-kub3 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/ruby-openid/CVE-2013-1812.yml | 38.6.0 |