Homebrew


9 total issues disclosed

$0 total paid publicly


Most disclosed (4 disclosures) — Information Disclosure




Disclosed Reports


| Report Title | Vulnerability Type | Disclosed By | Severity | Disclosed on |
|---|---|---|---|---|
| Broken parsing of Git diff allows an attacker to inject arbitrary Ruby scripts to Casks on official taps | None supplied | ryotak | Critical | 2021-04-21 |
| Email enumeration of users | Information Disclosure | pappan | Medium | 2019-03-05 |
| GitHub API Key for BrewTestBot is publicly exposed | Information Disclosure | ejholmes | Critical | 2018-08-11 |
| [bot.brew.sh] Full Path Disclosure | Information Disclosure | zephrfish | Medium | 2017-04-26 |
| Sensitive information disclosure via response headers on jenkins.brew.sh | Information Exposure Through an Error Message | mrr3boot | Low | 2017-04-25 |
| Stack Trace on jenkins.brew.sh | Stack Overflow | mrr3boot | Medium | 2017-04-19 |
| Server version disclosure on [jenkins.brew.sh] | Information Disclosure | neutrinoguy | None | 2017-04-19 |
| [https://jenkins.brew.sh] Jenkins in Debug Mode with Stack Traces Enabled | Stack Overflow | zephrfish | Medium | 2017-04-19 |
| Host header Injection | Violation of Secure Design Principles | smit | Medium | 2017-04-19 |