Checks the potential introduced_in version
This commit is contained in:
erwanlr
@@ -53,7 +53,9 @@ module WPScan
|
|||||||
#
|
#
|
||||||
# @return [ Boolean ]
|
# @return [ Boolean ]
|
||||||
def vulnerable_to?(vuln)
|
def vulnerable_to?(vuln)
|
||||||
return true unless version && vuln && vuln.fixed_in && !vuln.fixed_in.empty?
|
return false if version && vuln&.introduced_in && version < vuln.introduced_in
|
||||||
|
|
||||||
|
return true unless version && vuln&.fixed_in && !vuln.fixed_in.empty?
|
||||||
|
|
||||||
version < vuln.fixed_in
|
version < vuln.fixed_in
|
||||||
end
|
end
|
||||||
|
|||||||
@@ -21,6 +21,7 @@ module WPScan
|
|||||||
references: references,
|
references: references,
|
||||||
type: json_data['vuln_type'],
|
type: json_data['vuln_type'],
|
||||||
fixed_in: json_data['fixed_in'],
|
fixed_in: json_data['fixed_in'],
|
||||||
|
introduced_in: json_data['introduced_in'],
|
||||||
cvss: json_data['cvss']&.symbolize_keys
|
cvss: json_data['cvss']&.symbolize_keys
|
||||||
)
|
)
|
||||||
end
|
end
|
||||||
|
|||||||
@@ -195,50 +195,108 @@ describe WPScan::Model::Plugin do
|
|||||||
end
|
end
|
||||||
|
|
||||||
context 'when vulnerabilities' do
|
context 'when vulnerabilities' do
|
||||||
let(:slug) { 'vulnerable-not-popular' }
|
context 'when only fixed_in' do
|
||||||
let(:db_data) { vuln_api_data_for('plugins/vulnerable-not-popular') }
|
let(:slug) { 'vulnerable-not-popular' }
|
||||||
|
let(:db_data) { vuln_api_data_for('plugins/vulnerable-not-popular') }
|
||||||
|
|
||||||
let(:all_vulns) do
|
let(:all_vulns) do
|
||||||
[
|
[
|
||||||
WPScan::Vulnerability.new(
|
WPScan::Vulnerability.new(
|
||||||
'First Vuln <= 6.3.10 - LFI',
|
'First Vuln <= 6.3.10 - LFI',
|
||||||
references: { wpvulndb: '1' },
|
references: { wpvulndb: '1' },
|
||||||
type: 'LFI',
|
type: 'LFI',
|
||||||
fixed_in: '6.3.10'
|
fixed_in: '6.3.10'
|
||||||
),
|
),
|
||||||
WPScan::Vulnerability.new('No Fixed In', references: { wpvulndb: '2' })
|
WPScan::Vulnerability.new('No Fixed In', references: { wpvulndb: '2' })
|
||||||
]
|
]
|
||||||
end
|
|
||||||
|
|
||||||
context 'when no plugin version' do
|
|
||||||
before { expect(plugin).to receive(:version).at_least(1).and_return(false) }
|
|
||||||
|
|
||||||
it 'returns all the vulnerabilities' do
|
|
||||||
@expected = all_vulns
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
context 'when plugin version' do
|
|
||||||
before do
|
|
||||||
expect(plugin)
|
|
||||||
.to receive(:version)
|
|
||||||
.at_least(1)
|
|
||||||
.and_return(WPScan::Model::Version.new(number))
|
|
||||||
end
|
end
|
||||||
|
|
||||||
context 'when < to a fixed_in' do
|
context 'when no plugin version' do
|
||||||
let(:number) { '5.0' }
|
before { expect(plugin).to receive(:version).at_least(1).and_return(false) }
|
||||||
|
|
||||||
it 'returns it' do
|
it 'returns all the vulnerabilities' do
|
||||||
@expected = all_vulns
|
@expected = all_vulns
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
context 'when >= to a fixed_in' do
|
context 'when plugin version' do
|
||||||
let(:number) { '6.3.10' }
|
before do
|
||||||
|
expect(plugin)
|
||||||
|
.to receive(:version)
|
||||||
|
.at_least(1)
|
||||||
|
.and_return(WPScan::Model::Version.new(number))
|
||||||
|
end
|
||||||
|
|
||||||
it 'does not return it ' do
|
context 'when < to fixed_in' do
|
||||||
@expected = [all_vulns.last]
|
let(:number) { '5.0' }
|
||||||
|
|
||||||
|
it 'returns it' do
|
||||||
|
@expected = all_vulns
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when >= to fixed_in' do
|
||||||
|
let(:number) { '6.3.10' }
|
||||||
|
|
||||||
|
it 'does not return it ' do
|
||||||
|
@expected = [all_vulns.last]
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when introduced_in' do
|
||||||
|
let(:db_data) { vuln_api_data_for('plugins/vulnerable-introduced-in') }
|
||||||
|
|
||||||
|
let(:all_vulns) do
|
||||||
|
[
|
||||||
|
WPScan::Vulnerability.new(
|
||||||
|
'Introduced In 6.4',
|
||||||
|
fixed_in: '6.5',
|
||||||
|
introduced_in: '6.4',
|
||||||
|
references: { wpvulndb: '1' }
|
||||||
|
)
|
||||||
|
]
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when no plugin version' do
|
||||||
|
before { expect(plugin).to receive(:version).at_least(1).and_return(false) }
|
||||||
|
|
||||||
|
it 'returns all the vulnerabilities' do
|
||||||
|
@expected = all_vulns
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when plugin version' do
|
||||||
|
before do
|
||||||
|
expect(plugin)
|
||||||
|
.to receive(:version)
|
||||||
|
.at_least(1)
|
||||||
|
.and_return(WPScan::Model::Version.new(number))
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when < to introduced_in' do
|
||||||
|
let(:number) { '5.0' }
|
||||||
|
|
||||||
|
it 'does not return it' do
|
||||||
|
@expected = []
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when >= to fixed_in' do
|
||||||
|
let(:number) { '6.5' }
|
||||||
|
|
||||||
|
it 'does not return it' do
|
||||||
|
@expected = []
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when >= to introduced_in' do
|
||||||
|
let(:number) { '6.4' }
|
||||||
|
|
||||||
|
it 'returns it' do
|
||||||
|
@expected = all_vulns
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|||||||
13
spec/fixtures/db/vuln_api/plugins/vulnerable-introduced-in.json
vendored
Normal file
13
spec/fixtures/db/vuln_api/plugins/vulnerable-introduced-in.json
vendored
Normal file
@@ -0,0 +1,13 @@
|
|||||||
|
{
|
||||||
|
"latest_version": null,
|
||||||
|
"last_updated": null,
|
||||||
|
"popular": false,
|
||||||
|
"vulnerabilities" : [
|
||||||
|
{
|
||||||
|
"title": "Introduced In 6.4",
|
||||||
|
"id": 1,
|
||||||
|
"introduced_in": "6.4",
|
||||||
|
"fixed_in": "6.5"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user