Better code related to CVSS

2020-04-16 10:06:28 +02:00
parent f146ee7e9f
commit f4a6674eed
3 changed files with 6 additions and 6 deletions
--- a/lib/wpscan/vulnerability.rb
+++ b/lib/wpscan/vulnerability.rb
@@ -16,14 +16,12 @@ module WPScan
        end
      end

-      cvss = { score: json_data['cvss_risk_score'], vector: json_data['cvss_vector'] } if json_data['cvss_risk_score']
-
      new(
        json_data['title'],
        references: references,
        type: json_data['vuln_type'],
        fixed_in: json_data['fixed_in'],
-        cvss: cvss
+        cvss: json_data['cvss']&.symbolize_keys
      )
    end
  end
--- a/spec/fixtures/db/vuln_api/wordpresses/381.json
+++ b/spec/fixtures/db/vuln_api/wordpresses/381.json
@@ -10,8 +10,10 @@
      "vuln_type" : "SQLI",
      "published_date" : null,
      "fixed_in" : null,
-      "cvss_risk_score": "5.4",
-      "cvss_vector": "VECTOR"
+      "cvss": {
+        "score": "5.4",
+        "vector": "VECTOR"
+      }
     },
     {
      "references" : {
--- a/wpscan.gemspec
+++ b/wpscan.gemspec
@@ -21,7 +21,7 @@ Gem::Specification.new do |s|
  s.executables           = ['wpscan']
  s.require_paths         = ['lib']

-  s.add_dependency 'cms_scanner', '~> 0.9.0'
+  s.add_dependency 'cms_scanner', '~> 0.10.0'

  s.add_development_dependency 'bundler',             '>= 1.6'
  s.add_development_dependency 'memory_profiler',     '~> 0.9.13'