DEV Community

Stefan Sundin
Stefan Sundin

Posted on

CVE-2020-10187

#security #ruby

About two months ago, I found a CVE in a Ruby gem called Doorkeeper, and today the details were finally made public.

I found a couple of companies that were vulnerable in the wild, so it took some time to contact them and wait for them to patch their websites before the vulnerability was made public. I also worked with the gem maintainer to release a patch.

It's my first ever CVE, so I'm pretty proud of it.

Links:

Top comments (2)

Collapse
 
rhymes profile image
rhymes

Thank you very much Stefan! Your CVE is deeply appreciated :-)

Collapse
 
cryptomance profile image
cryptomance

Thanks for your contribution to a safer world!

Read next

geetfun profile image

Using Thruster web server for Ruby apps

Simon Chiu -

mr-3 profile image

How Minecraft Hypixel Scammers Are Getting Away With Your Accounts

Mr 3 -

ayush7614 profile image

How to Configure WireGuard VPN in the Cloud

Ayush kumar -

shubhamkhan profile image

Beginner’s Guide to AES Encryption and Decryption in JavaScript using CryptoJS

Shubham Khan -