Sha256: 3f3acf3be066faba7d7ed37ba17ff0e12aba5e45bacc2924be84382fe0348a9f
Contents?: true
Size: 1.61 KB
Versions: 10
Compression:
Stored size: 1.61 KB
Contents
require 'brakeman/checks/base_check'
#sanitize and sanitize_css are vulnerable:
#CVE-2013-1855 and CVE-2013-1857
class Brakeman::CheckSanitizeMethods < Brakeman::BaseCheck
Brakeman::Checks.add self
@description = "Checks for versions with vulnerable sanitize and sanitize_css"
def run_check
@fix_version = case
when version_between?('2.0.0', '2.3.17')
'2.3.18'
when version_between?('3.0.0', '3.0.99')
'3.2.13'
when version_between?('3.1.0', '3.1.11')
'3.1.12'
when version_between?('3.2.0', '3.2.12')
'3.2.13'
else
return
end
check_cve_2013_1855
check_cve_2013_1857
end
def check_cve_2013_1855
check_for_cve :sanitize_css, :CVE_2013_1855, "https://groups.google.com/d/msg/rubyonrails-security/4_QHo4BqnN8/_RrdfKk12I4J"
end
def check_cve_2013_1857
check_for_cve :sanitize, :CVE_2013_1857, "https://groups.google.com/d/msg/rubyonrails-security/zAAU7vGTPvI/1vZDWXqBuXgJ"
end
def check_for_cve method, code, link
tracker.find_call(:target => false, :method => method).each do |result|
next if duplicate? result
add_result result
message = "Rails #{rails_version} has a vulnerability in #{method}: upgrade to #{@fix_version} or patch"
if include_user_input? result[:call]
confidence = CONFIDENCE[:high]
else
confidence = CONFIDENCE[:medium]
end
warn :result => result,
:warning_type => "Cross Site Scripting",
:warning_code => code,
:message => message,
:confidence => CONFIDENCE[:high],
:link_path => link
end
end
end
Version data entries
10 entries across 10 versions & 2 rubygems