Providing security resources for the Ruby community.
Follow us @rubysec or email us via info at

Did you find a security bug in a Ruby library?
We want to hear about it!

Report a new vulnerability

We help maintain the following projects:

Ruby Advisory Database

The canonical, community-maintained, plain-text database of security vulnerability advisories affecting Ruby libraries and virtual machines.

Receive updates via atom or browse the database.


Free utility that audits your Gemfile.lock against the advisory database.