Red Hat Bugzilla – Bug 1144278
CVE-2014-3651 JBoss KeyCloak: DoS via QR code generation
Last modified: 2015-02-15 16:55:35 EST
It was discovered that by requesting a large enough image size for a generated QR code, a remote attacker could cause uncontrolled resource consumption leading to denial of service for legitimate users.
This issue was discovered by Florian Weimer of Red Hat Product Security.
This issue does not affect any supported Red Hat products.