Sha256: 8b162561c23c5aa664be592dfc9a2c89c5a7275412ad85b14386065e69a3d8a3
Contents?: true
Size: 1.68 KB
Versions: 12
Compression:
Stored size: 1.68 KB
Contents
require 'spec_helper'
describe "The CVE-2014-0082 vulnerability" do
before(:all) do
@check = Codesake::Dawn::Kb::CVE_2014_0082.new
# @check.debug = true
end
it "affects version 3.0.x" do
require 'securerandom'
rand = SecureRandom.random_number(9999)
version = "3.0.#{rand}"
@check.dependencies = [{:name=>"rails", :version=>version}]
@check.vuln?.should be_true
end
it "affects version 2.x.y" do
require 'securerandom'
rand_min = SecureRandom.random_number(9999)
rand_patch = SecureRandom.random_number(9999)
version = "2.#{rand_min}.#{rand_patch}"
@check.dependencies = [{:name=>"rails", :version=>version}]
@check.vuln?.should be_true
end
it "affects version 1.x.y" do
require 'securerandom'
rand_min = SecureRandom.random_number(9999)
rand_patch = SecureRandom.random_number(9999)
version = "1.#{rand_min}.#{rand_patch}"
@check.dependencies = [{:name=>"rails", :version=>version}]
@check.vuln?.should be_true
end
it "doesn't affect version 4.0.2" do
@check.dependencies = [{:name=>"rails", :version=>'4.0.2'}]
@check.vuln?.should be_false
end
it "doesn't affect version 4.0.1" do
@check.dependencies = [{:name=>"rails", :version=>'4.0.1'}]
@check.vuln?.should be_false
end
it "doesn't affect version 4.0.0" do
@check.dependencies = [{:name=>"rails", :version=>'4.0.0'}]
@check.vuln?.should be_false
end
it "doesn't affect version 4.0.3" do
@check.dependencies = [{:name=>"rails", :version=>'4.0.3'}]
@check.vuln?.should be_false
end
it "doesn't affect version 3.2.17" do
@check.dependencies = [{:name=>"rails", :version=>'3.2.17'}]
@check.vuln?.should be_false
end
end
Version data entries
12 entries across 12 versions & 2 rubygems