Vulnerability Disclosure Program (VDP)

VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.

rubygems

HackerOneView on HackerOne

RawAI Enhanced

In Scope

Out of Scope

In-Scope Assets (4)

Asset	Category	Bounty	Quick Links
Malicious or compromised gem	OTHER	No	-
https://github.com/rubygems/rubygems	CODE	No	-
rubygems.org	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
shipit.rubygems.org	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa

Out-of-Scope Assets (9)

Asset	Category	Bounty
blog.rubygems.org	URL	No
guide.rubygems.org	URL	No
help.rubygems.org	URL	No
http://rubygems.org/names	URL	No
https://s3-us-west-2.amazonaws.com/rubygems-dumps	URL	No
stats.rubygems.org	URL	No
status.rubygems.org	URL	No
support.rubygems.org	URL	No
uptime.rubygems.org	URL	No