VYPR

RubyGems package

oauth

pkg:gem/oauth

Vulnerabilities (1)

  • CVE-2016-11086Sep 24, 2020
    affected < 0.5.5fixed 0.5.5

    lib/oauth/consumer.rb in the oauth-ruby gem through 0.5.4 for Ruby does not verify server X.509 certificates if a certificate bundle cannot be found, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information.