ruby-oauth/oauth

Releases51

Frequency4 months 4 days

Last Release 25 days ago

Stars674

🔑 A Ruby wrapper for OAuth 1.0, and 1.0a protocols; clients & servers

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2016-11086 ↗	Sep 24, 2020Thursday, 24 September 2020, 20:15	7.4 HIGH	5.8 MEDIUM
lib/oauth/consumer.rb in the oauth-ruby gem through 0.5.4 for Ruby does not verify server X.509 certificates if a certificate bundle cannot be found, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information.