GitHub Reveals 4M JavaScript and Ruby Vulnerabilities in Public Repositories

March 22, 2018
Kevin Lam

This is very cool, I didn’t know that GitHub did this. Every time a vulnerability is publicly disclosed in an open source library, GitHub scans the repositories it hosts for applications that depend on that library, and in this article (http://www.zdnet.com/article/github-our-dependency-scan-has-found-four-million-security-bugs-in-public-repos) GitHub reported that it found about 4 million vulnerabilities in the code repositories it hosts.

Right now GitHub is only looking for vulnerabilities in JavaScript and Ruby libraries, and plans to expand to Python, but this is a great GREAT start. Kudos to the GitHub folks.
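To make the mechanism concrete, here is a small added example (my own illustration, not GitHub's code) of the core matching step such a scanner performs: read the resolved dependency versions out of an npm package-lock.json and a Ruby Gemfile.lock, and flag any that fall inside a known-vulnerable version range. The advisory feed, package names and lockfile contents are all constructed placeholders.

```python
import json
import re

# Constructed advisory feed (placeholder data, not GitHub's real advisory
# database): (ecosystem, package) -> list of [first vulnerable, first patched).
ADVISORIES = {
    ("npm", "acme-parser"): [("0.0.0", "2.4.1")],
    ("rubygems", "acme-sanitizer"): [("1.0.0", "1.0.4")],
}

# Constructed lockfiles standing in for the files a scanner would read from a repo.
SAMPLE_PACKAGE_LOCK = json.dumps({"dependencies": {
    "acme-parser": {"version": "2.3.0"},
    "acme-logger": {"version": "5.1.0"},
}})
SAMPLE_GEMFILE_LOCK = """GEM
  remote: https://rubygems.org/
  specs:
    acme-sanitizer (1.0.3)
      acme-html (~> 2.0)
    acme-html (2.2.0)
"""

def parse_version(text):
    """Turn '1.0.3' into (1, 0, 3) so versions compare numerically, not as strings."""
    return tuple(int(p) for p in re.findall(r"\d+", text)[:3]) or (0,)

def is_vulnerable(ecosystem, name, version):
    """True if the installed version sits inside any advisory range for the package."""
    ver = parse_version(version)
    return any(parse_version(lo) <= ver < parse_version(hi)
               for lo, hi in ADVISORIES.get((ecosystem, name), []))

def deps_from_package_lock(text):
    """npm package-lock.json: each entry under 'dependencies' carries a resolved version."""
    return {n: d["version"] for n, d in json.loads(text)["dependencies"].items()}

def deps_from_gemfile_lock(text):
    """Gemfile.lock: resolved gems are the 4-space-indented 'name (version)' lines."""
    return dict(re.findall(r"^    (\S+) \(([^)]+)\)$", text, re.MULTILINE))

def scan(ecosystem, deps):
    """Return the (name, version) pairs that fall inside a known-vulnerable range."""
    return sorted((n, v) for n, v in deps.items() if is_vulnerable(ecosystem, n, v))

if __name__ == "__main__":
    print(scan("npm", deps_from_package_lock(SAMPLE_PACKAGE_LOCK)))
    print(scan("rubygems", deps_from_gemfile_lock(SAMPLE_GEMFILE_LOCK)))
```

Note that the numeric tuple comparison matters: a plain string compare would rank 2.10.0 below 2.9.9 and miss or misreport affected versions.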

–Kevin
