diff --git a/lib/common/models/wp_item/vulnerable.rb b/lib/common/models/wp_item/vulnerable.rb index 4b03eda2..2f4a5fc4 100755 --- a/lib/common/models/wp_item/vulnerable.rb +++ b/lib/common/models/wp_item/vulnerable.rb @@ -9,14 +9,13 @@ class WpItem # # @return [ Vulnerabilities ] def vulnerabilities - json = json(vulns_file).select { |item| !item['vulnerabilities'].empty? } + json = json(vulns_file) vulnerabilities = Vulnerabilities.new json.each do |item| - asset = item['version'][identifier] if item['version'] - asset = item['name'][identifier] if item['name'] + asset = item['version'] || item['name'] - next unless asset + next unless asset == identifier item['vulnerabilities'].each do |vulnerability| vulnerability = Vulnerability.load_from_json_item(vulnerability) diff --git a/spec/lib/common/models/wp_item_spec.rb b/spec/lib/common/models/wp_item_spec.rb index 2cc8f93f..6c2e1aa6 100644 --- a/spec/lib/common/models/wp_item_spec.rb +++ b/spec/lib/common/models/wp_item_spec.rb @@ -15,7 +15,7 @@ describe WpItem do let(:identifier) { 'neo' } let(:expected_refs) { { 'id' => [2993], - 'url' => ['Ref 1,Ref 2'], + 'url' => ['Ref 1', 'Ref 2'], 'cve' => ['2011-001'], 'secunia' => ['secunia'], 'osvdb' => ['osvdb'], diff --git a/spec/lib/common/models/wp_plugin_spec.rb b/spec/lib/common/models/wp_plugin_spec.rb index 6b740667..37848946 100644 --- a/spec/lib/common/models/wp_plugin_spec.rb +++ b/spec/lib/common/models/wp_plugin_spec.rb @@ -9,7 +9,7 @@ describe WpPlugin do let(:vulns_file) { MODELS_FIXTURES + '/wp_plugin/vulnerable/plugins.json' } let(:expected_refs) { { 'id' => [2993], - 'url' => ['Ref 1,Ref 2'], + 'url' => ['Ref 1', 'Ref 2'], 'cve' => ['2011-001'], 'secunia' => ['secunia'], 'osvdb' => ['osvdb'], diff --git a/spec/lib/common/models/wp_theme_spec.rb b/spec/lib/common/models/wp_theme_spec.rb index 2809464d..a11b7959 100644 --- a/spec/lib/common/models/wp_theme_spec.rb +++ b/spec/lib/common/models/wp_theme_spec.rb @@ -10,7 +10,7 @@ describe WpTheme do let(:vulns_file) { MODELS_FIXTURES + '/wp_theme/vulnerable/themes_vulns.json' } let(:expected_refs) { { 'id' => [2993], - 'url' => ['Ref 1,Ref 2'], + 'url' => ['Ref 1', 'Ref 2'], 'cve' => ['2011-001'], 'secunia' => ['secunia'], 'osvdb' => ['osvdb'], diff --git a/spec/samples/common/models/wp_item/vulnerable/items_vulns.json b/spec/samples/common/models/wp_item/vulnerable/items_vulns.json index 4c9a3b2e..1d1685cc 100644 --- a/spec/samples/common/models/wp_item/vulnerable/items_vulns.json +++ b/spec/samples/common/models/wp_item/vulnerable/items_vulns.json @@ -6,7 +6,7 @@ "id":2989, "title":"Administrator-exploitable blind SQLi in WordPress 1.0 - 3.8.1", "references": { - "url":"https://security.dxw.com/advisories/sqli-in-wordpress-3-6-1/,http://www.example.com" + "url": ["https://security.dxw.com/advisories/sqli-in-wordpress-3-6-1/" ,"http://www.example.com"] }, "created_at":"2014-07-28T12:10:07.000Z", "updated_at":"2014-07-28T12:43:41.000Z" @@ -20,12 +20,12 @@ "id":2993, "title":"I'm the one", "references": { - "url":"Ref 1,Ref 2", - "osvdb":"osvdb", - "cve":"2011-001", - "secunia":"secunia", - "metasploit":"exploit/ex1", - "exploitdb":"exploitdb" + "url": ["Ref 1", "Ref 2"], + "osvdb": ["osvdb"], + "cve": ["2011-001"], + "secunia": ["secunia"], + "metasploit": ["exploit/ex1"], + "exploitdb": ["exploitdb"] }, "type":"XSS", "fixed_in":"", diff --git a/spec/samples/common/models/wp_plugin/vulnerable/plugins.json b/spec/samples/common/models/wp_plugin/vulnerable/plugins.json index 25159019..fbd1ce83 100644 --- a/spec/samples/common/models/wp_plugin/vulnerable/plugins.json +++ b/spec/samples/common/models/wp_plugin/vulnerable/plugins.json @@ -6,12 +6,12 @@ "id":2993, "title":"I should not appear in the results", "references": { - "url":"Ref 1,Ref 2", - "osvdb":"osvdb", - "cve":"2011-001", - "secunia":"secunia", - "metasploit":"exploit/ex1", - "exploitdb":"exploitdb" + "url": ["Ref 1","Ref 2"], + "osvdb": ["osvdb"], + "cve": ["2011-001"], + "secunia": ["secunia"], + "metasploit": ["exploit/ex1"], + "exploitdb": ["exploitdb"] }, "type":"XSS", "fixed_in":"", @@ -22,12 +22,12 @@ "id":2989, "title":"Neither do I", "references": { - "url":"Ref 1,Ref 2", - "osvdb":"osvdb", - "cve":"2011-001", - "secunia":"secunia", - "metasploit":"exploit/ex1", - "exploitdb":"exploitdb" + "url": ["Ref 1" ,"Ref 2"], + "osvdb": ["osvdb"], + "cve": ["2011-001"], + "secunia": ["secunia"], + "metasploit": ["exploit/ex1"], + "exploitdb": ["exploitdb"] }, "type":"XSS", "fixed_in":"", @@ -43,12 +43,12 @@ "id":2993, "title":"Follow me!", "references": { - "url":"Ref 1,Ref 2", - "osvdb":"osvdb", - "cve":"2011-001", - "secunia":"secunia", - "metasploit":"exploit/ex1", - "exploitdb":"exploitdb" + "url": ["Ref 1", "Ref 2"], + "osvdb": ["osvdb"], + "cve": ["2011-001"], + "secunia": ["secunia"], + "metasploit": ["exploit/ex1"], + "exploitdb": ["exploitdb"] }, "type":"REDIRECT", "fixed_in":"", diff --git a/spec/samples/common/models/wp_theme/vulnerable/themes_vulns.json b/spec/samples/common/models/wp_theme/vulnerable/themes_vulns.json index accd3061..b4cff81a 100644 --- a/spec/samples/common/models/wp_theme/vulnerable/themes_vulns.json +++ b/spec/samples/common/models/wp_theme/vulnerable/themes_vulns.json @@ -6,12 +6,12 @@ "id":2989, "title":"I should not appear in the results", "references": { - "url":"Ref 1,Ref 2", - "osvdb":"osvdb", - "cve":"2011-001", - "secunia":"secunia", - "metasploit":"exploit/ex1", - "exploitdb":"exploitdb" + "url": ["Ref 1", "Ref 2"], + "osvdb": ["osvdb"], + "cve": ["2011-001"], + "secunia": ["secunia"], + "metasploit": ["exploit/ex1"], + "exploitdb": ["exploitdb"] }, "type":"XSS", "fixed_in":"", @@ -22,12 +22,12 @@ "id":2989, "title":"Neither do I", "references": { - "url":"Ref 1,Ref 2", - "osvdb":"osvdb", - "cve":"2011-001", - "secunia":"secunia", - "metasploit":"exploit/ex1", - "exploitdb":"exploitdb" + "url": ["Ref 1", "Ref 2"], + "osvdb": ["osvdb"], + "cve": ["2011-001"], + "secunia": ["secunia"], + "metasploit": ["exploit/ex1"], + "exploitdb": ["exploitdb"] }, "type":"XSS", "fixed_in":"", @@ -43,12 +43,12 @@ "id":2993, "title":"I see you", "references": { - "url":"Ref 1,Ref 2", - "osvdb":"osvdb", - "cve":"2011-001", - "secunia":"secunia", - "metasploit":"exploit/ex1", - "exploitdb":"exploitdb" + "url": ["Ref 1", "Ref 2"], + "osvdb": ["osvdb"], + "cve": ["2011-001"], + "secunia": ["secunia"], + "metasploit": ["exploit/ex1"], + "exploitdb": ["exploitdb"] }, "type":"FPD", "fixed_in":"", diff --git a/spec/samples/common/models/wp_version/vulnerable/versions_vulns.json b/spec/samples/common/models/wp_version/vulnerable/versions_vulns.json index e348293e..8df891a6 100644 --- a/spec/samples/common/models/wp_version/vulnerable/versions_vulns.json +++ b/spec/samples/common/models/wp_version/vulnerable/versions_vulns.json @@ -6,12 +6,12 @@ "id":2989, "title":"I should not appear in the results", "references": { - "url":"Ref 1,Ref 2", - "osvdb":"osvdb", - "cve":"2011-001", - "secunia":"secunia", - "metasploit":"exploit/ex1", - "exploitdb":"exploitdb" + "url": ["Ref 1", "Ref 2"], + "osvdb": ["osvdb"], + "cve": ["2011-001"], + "secunia": ["secunia"], + "metasploit": ["exploit/ex1"], + "exploitdb": ["exploitdb"] }, "type":"XSS", "fixed_in":"", @@ -27,12 +27,12 @@ "id":2993, "title":"Here I Am", "references": { - "url":"Ref 1,Ref 2", - "osvdb":"osvdb", - "cve":"2011-001", - "secunia":"secunia", - "metasploit":"exploit/ex1", - "exploitdb":"exploitdb" + "url": ["Ref 1", "Ref 2"], + "osvdb": ["osvdb"], + "cve": ["2011-001"], + "secunia": ["secunia"], + "metasploit": ["exploit/ex1"], + "exploitdb": ["exploitdb"] }, "type":"SQLI", "fixed_in":"",