Sha256: f356bc0e7550ddd03b67c4f8a9a14ce44549bbd31e016df91d98678311e79721
Contents?: true
Size: 1.18 KB
Versions: 9
Compression:
Stored size: 1.18 KB
Contents
require 'spec_helper'
describe "CVE-2013-0175 security check" do
let (:check) {Codesake::Dawn::Kb::CVE_2013_0175.new}
it "knows its name" do
check.name.should == "CVE-2013-0175"
end
it "has a 7.5 cvss score" do
check.cvss_score == 7.5
end
it "fires when multi_xml vulnerable gem it has been found" do
check.dependencies = [{:name=>"multi_xml", :version=>"0.5.2"}]
check.vuln?.should be_true
end
it "fires when Grape vulnerable gem it has been found" do
check.dependencies = [{:name=>"grape", :version=>"0.2.5"}]
check.vuln?.should be_true
end
it "fires when multi_xml gem is not vulnerable but Grape is" do
check.dependencies = [{:name=>"grape", :version=>"0.2.5"}, {:name=>"multi_xml", :version=>"0.5.3"}]
check.vuln?.should be_true
end
it "fires when multi_xml gem is vulnerable but Grape is not" do
check.dependencies = [{:name=>"grape", :version=>"0.2.6"}, {:name=>"multi_xml", :version=>"0.5.2"}]
check.vuln?.should be_true
end
it "doesn't fire when no vulnerabilities were found" do
check.dependencies = [{:name=>"grape", :version=>"0.2.6"}, {:name=>"multi_xml", :version=>"0.5.3"}]
check.vuln?.should be_false
end
end
Version data entries
9 entries across 9 versions & 2 rubygems