View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2014-8080 severity low: SUSE including 41 source package names (4.0.0:libruby2_1-2_1-2.1.2-9.1, 4.0.0:ruby2.1-2.1.2-9.1, …), 170 product×package rows across 59 product lines (Container caasp/v4/velum, Image SLES12-SP5-Azure-BYOS, … (59 product lines)): Fixed 160, Known Not Affected 10.
The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document, aka an XML Entity Expansion (XEE) attack.