Sha256: 71a32e8e2d641d5e1a3cc8522c4d537fe48f4925a2f011c52655e3c500995681
Contents?: true
Size: 1.17 KB
Versions: 11
Compression:
Stored size: 1.17 KB
Contents
require 'spec_helper'
describe "CVE-2013-0175 security check" do
let (:check) {Dawn::Kb::CVE_2013_0175.new}
it "knows its name" do
check.name.should == "CVE-2013-0175"
end
it "has a 7.5 cvss score" do
check.cvss_score == 7.5
end
it "fires when multi_xml vulnerable gem it has been found" do
check.dependencies = [{:name=>"multi_xml", :version=>"0.5.2"}]
check.vuln?.should == true
end
it "fires when Grape vulnerable gem it has been found" do
check.dependencies = [{:name=>"grape", :version=>"0.2.5"}]
check.vuln?.should == true
end
it "fires when multi_xml gem is not vulnerable but Grape is" do
check.dependencies = [{:name=>"grape", :version=>"0.2.5"}, {:name=>"multi_xml", :version=>"0.5.3"}]
check.vuln?.should == true
end
it "fires when multi_xml gem is vulnerable but Grape is not" do
check.dependencies = [{:name=>"grape", :version=>"0.2.6"}, {:name=>"multi_xml", :version=>"0.5.2"}]
check.vuln?.should == true
end
it "doesn't fire when no vulnerabilities were found" do
check.dependencies = [{:name=>"grape", :version=>"0.2.6"}, {:name=>"multi_xml", :version=>"0.5.3"}]
check.vuln?.should == false
end
end
Version data entries
11 entries across 11 versions & 1 rubygems