RubygemsResearch

Sha256: ea3f3e9284a65c09e88f5fc9da0fb6fc4f68a5fb7a0a2efb378cc952de03080f

Contents?: true

Size: 816 Bytes

Versions: 6

Compression:

Stored size: 816 Bytes

require 'spec_helper'

describe "The CVE-2013-6414 vulnerability" do
  before(:all) do 
    @check = Dawn::Kb::CVE_2013_6414.new
    # @check.debug = true
  end
  it "is detected if vulnerable version of rails rubygem is detected" do
    @check.dependencies=[{:name=>"rails", :version=>'4.0.1'}]
    expect(@check.vuln?).to   eq(true)
  end
  it "is ignored if rails version is 3.2.x" do 
    @check.dependencies=[{:name=>"rails", :version=>'3.2.22'}]
    expect(@check.vuln?).to   eq(false)
  end

  it "is ignored if rails version is 3.1.x" do 
    @check.dependencies=[{:name=>"rails", :version=>'3.1.16'}]
    expect(@check.vuln?).to   eq(true)
  end
  it "is ignored if rails version is 3.0.x" do 
    @check.dependencies=[{:name=>"rails", :version=>'3.0.16'}]
    expect(@check.vuln?).to   eq(true)
  end

end

Version data entries

6 entries across 6 versions & 1 rubygems

Version	Path
dawnscanner-1.6.9	spec/lib/kb/cve_2013_6414_spec.rb
dawnscanner-1.6.8	spec/lib/kb/cve_2013_6414_spec.rb
dawnscanner-1.6.7	spec/lib/kb/cve_2013_6414_spec.rb
dawnscanner-1.6.6	spec/lib/kb/cve_2013_6414_spec.rb
dawnscanner-1.6.5	spec/lib/kb/cve_2013_6414_spec.rb
dawnscanner-1.6.4	spec/lib/kb/cve_2013_6414_spec.rb