wpscan/lib/common/models/vulnerability.rb

# encoding: UTF-8

require 'vulnerability/output'
require 'vulnerability/urls'

class Vulnerability
  include Vulnerability::Output
  include Vulnerability::Urls

  attr_accessor :title, :references, :type, :fixed_in

  #
  # @param [ String ] title The title of the vulnerability
  # @param [ String ] type  The type of the vulnerability
  # @param [ Hash ] references References
  # @param [ String ] fixed_in  Vuln fixed in Version X
  #
  # @return [ Vulnerability ]
  def initialize(title, type, references = {}, fixed_in = '')
    @title              = title
    @type               = type
    @references         = references
    @fixed_in           = fixed_in
  end

  # @param [ Vulnerability ] other
  #
  # @return [ Boolean ]
  # :nocov:
  def ==(other)
    title == other.title &&
        type == other.type &&
        references == other.references &&
        fixed_in == other.fixed_in
  end
  # :nocov:

  # Create the Vulnerability from the xml_node
  #
  # @param [ Nokogiri::XML::Node ] xml_node
  #
  # @return [ Vulnerability ]
  # def self.load_from_xml_node(xml_node)
  #   references = {}
  #   refs = xml_node.search('references')

  #   if refs
  #     references[:url] = refs.search('url').map(&:text)
  #     references[:cve] = refs.search('cve').map(&:text)
  #     references[:secunia] = refs.search('secunia').map(&:text)
  #     references[:osvdb] = refs.search('osvdb').map(&:text)
  #     references[:metasploit] = refs.search('metasploit').map(&:text)
  #     references[:exploitdb] = refs.search('exploitdb').map(&:text)
  #   end

  #   new(
  #     xml_node.search('title').text,
  #     xml_node.search('type').text,
  #     references,
  #     xml_node.search('fixed_in').text,
  #   )
  # end

  # Create the Vulnerability from the json_item
  #
  # @param [ Hash ] json_item
  #
  # @return [ Vulnerability ]
  def self.load_from_json_item(json_item)
    references = {}

    references[:url]        = json_item['references'].split(',') if json_item['references']
    references[:cve]        = json_item['cve'].split(',') if json_item['cve']
    references[:secunia]    = json_item['secunia'].split(',') if json_item['secunia']
    references[:osvdb]      = json_item['osvdb'].split(',') if json_item['osvdb']
    references[:metasploit] = json_item['metasploit'].split(',') if json_item['metasploit']
    references[:exploitdb]  = json_item['exploitdb'].split(',') if json_item['exploitdb']

    new(
      json_item['title'],
      json_item['type'],
      references,
      json_item['fixed_in'],
    )
  end

end