Homebrew Program Statistics
9 total issues disclosed
$0 total paid publicly
Most disclosed (4 disclosures) — Information Disclosure
Disclosed Reports
Report Title | Vulnerability Type | Disclosed By | Severity | Disclosed on |
---|---|---|---|---|
Broken parsing of Git diff allows an attacker to inject arbitrary Ruby scripts to Casks on official taps | None supplied | ryotak | Critical | 2021-04-21 |
Email enumeration of users | Information Disclosure | pappan | Medium | 2019-03-05 |
GitHub API Key for BrewTestBot is publicly exposed | Information Disclosure | ejholmes | Critical | 2018-08-11 |
[bot.brew.sh] Full Path Disclosure | Information Disclosure | zephrfish | Medium | 2017-04-26 |
Sensitive information disclosure via response headers on jenkins.brew.sh | Information Exposure Through an Error Message | mrr3boot | Low | 2017-04-25 |
Stack Trace on jenkins.brew.sh | Stack Overflow | mrr3boot | Medium | 2017-04-19 |
Server version disclosure on [jenkins.brew.sh] | Information Disclosure | neutrinoguy | None | 2017-04-19 |
[https://jenkins.brew.sh] Jenkins in Debug Mode with Stack Traces Enabled | Stack Overflow | zephrfish | Medium | 2017-04-19 |
Host header Injection | Violation of Secure Design Principles | smit | Medium | 2017-04-19 |