CVE-2020-10187

#security #ruby

About two months ago, I found a CVE in a Ruby gem called Doorkeeper, and today the details were finally made public.

I found a couple of companies that were vulnerable in the wild, so it took some time to contact them and wait for them to patch their websites before the vulnerability was made public. I also worked with the gem maintainer to release a patch.

It's my first ever CVE, so I'm pretty proud of it.

Links:

Top comments (2)

rhymes • May 4 '20

Thank you very much Stefan! Your CVE is deeply appreciated :-)

cryptomance • May 4 '20

Thanks for your contribution to a safer world!

5 AI-Powered Content Detectors to Help Identify AI-Generated Text

Joy Winter - Oct 10

Tether & USDC: The Backbone of 2024's Stablecoin Surge Amid Security Concerns

soma - Sep 10

Dockerfile Best Practices: Writing Efficient and Secure Docker Images

Uendi Hoxha - Oct 7

Create a self-signed certificate with your own root CA

Sergio Peris - Oct 9

DEV Community