Class: Bundler::Audit::Advisory
- Inherits: Struct
  - Object
  - Struct
  - Bundler::Audit::Advisory
- Defined in: lib/bundler/audit/advisory.rb
Instance Attribute Summary
- #cve ⇒ Object
  Returns the value of attribute cve.
- #cvss_v2 ⇒ Object
  Returns the value of attribute cvss_v2.
- #description ⇒ Object
  Returns the value of attribute description.
- #patched_versions ⇒ Object
  Returns the value of attribute patched_versions.
- #title ⇒ Object
  Returns the value of attribute title.
- #url ⇒ Object
  Returns the value of attribute url.
Class Method Summary
- .load(path) ⇒ Advisory
  Loads the advisory from a YAML file.
Instance Method Summary
- #criticality ⇒ :low, ...
  Determines how critical the vulnerability is.
- #vulnerable?(version) ⇒ Boolean
  Checks whether the version is vulnerable to the advisory.
Instance Attribute Details
#cve ⇒ Object
Returns the value of attribute cve.
    # File 'lib/bundler/audit/advisory.rb', line 22
    def cve
      @cve
    end
#cvss_v2 ⇒ Object
Returns the value of attribute cvss_v2.
    # File 'lib/bundler/audit/advisory.rb', line 22
    def cvss_v2
      @cvss_v2
    end
#description ⇒ Object
Returns the value of attribute description.
    # File 'lib/bundler/audit/advisory.rb', line 22
    def description
      @description
    end
#patched_versions ⇒ Object
Returns the value of attribute patched_versions.
    # File 'lib/bundler/audit/advisory.rb', line 22
    def patched_versions
      @patched_versions
    end
#title ⇒ Object
Returns the value of attribute title.
    # File 'lib/bundler/audit/advisory.rb', line 22
    def title
      @title
    end
#url ⇒ Object
Returns the value of attribute url.
    # File 'lib/bundler/audit/advisory.rb', line 22
    def url
      @url
    end
Class Method Details
.load(path) ⇒ Advisory
Loads the advisory from a YAML file.
    # File 'lib/bundler/audit/advisory.rb', line 39
    def self.load(path)
      # The cve attribute is taken from the file name, minus the .yml suffix.
      cve = File.basename(path).chomp('.yml')
      data = YAML.load_file(path)
      # Reject files whose top-level YAML value is not a mapping.
      unless data.kind_of?(Hash)
        raise("advisory data in #{path.dump} was not a Hash")
      end
      return new(
        cve,
        data['url'],
        data['title'],
        data['description'],
        data['cvss_v2'],
        # One entry may hold several comma-separated constraints.
        Array(data['patched_versions']).map { |version|
          Gem::Requirement.new(*version.split(', '))
        },
      )
    end
Instance Method Details
#criticality ⇒ :low, ...
Determines how critical the vulnerability is.
    # File 'lib/bundler/audit/advisory.rb', line 65
    def criticality
      # The ranges share their endpoints; the first matching branch wins.
      case cvss_v2
      when 0.0..3.3 then :low
      when 3.3..6.6 then :medium
      when 6.6..10.0 then :high
      end
    end
#vulnerable?(version) ⇒ Boolean
Checks whether the version is vulnerable to the advisory.
    # File 'lib/bundler/audit/advisory.rb', line 82
    def vulnerable?(version)
      # Vulnerable unless at least one patched requirement matches the version.
      !patched_versions.any? do |patched_version|
        patched_version === version
      end
    end
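The rules documented above for .load, #criticality and #vulnerable?, exercised on a constructed advisory. This is an added example, not bundler-audit's own code: SAMPLE_ADVISORY, patched_requirements, criticality_for and audit_versions are hypothetical names, and it parses the sample with YAML.safe_load instead of YAML.load_file.

```ruby
require 'yaml'
require 'rubygems' # Gem::Requirement and Gem::Version

# Constructed advisory: keys are the ones .load reads, values are made up.
SAMPLE_ADVISORY = <<~YAML
  url: https://example.com/advisories/EXAMPLE-0001
  title: Constructed example advisory
  description: Sample data for illustration only.
  cvss_v2: 6.6
  patched_versions:
    - ">= 2.3.18, < 3.0"
    - ">= 3.2.13"
YAML

# Same conversion as .load: one entry may carry several comma-separated
# constraints, and a missing key becomes an empty list.
def patched_requirements(data)
  Array(data['patched_versions']).map do |entry|
    Gem::Requirement.new(*entry.split(', '))
  end
end

# Same ranges as #criticality: the first matching `when` wins, so the shared
# boundaries 3.3 and 6.6 land in the lower bucket; a nil score gives nil.
def criticality_for(cvss_v2)
  case cvss_v2
  when 0.0..3.3  then :low
  when 3.3..6.6  then :medium
  when 6.6..10.0 then :high
  end
end

# Hypothetical helper: report which of the given version strings the advisory
# still covers, using the #vulnerable? rule (no patched requirement matches).
def audit_versions(advisory_yaml, versions)
  # safe_load is this example's choice; the sample holds only plain scalars.
  data = YAML.safe_load(advisory_yaml)
  raise 'advisory data was not a Hash' unless data.is_a?(Hash)

  patched = patched_requirements(data)
  flagged = versions.select do |v|
    patched.none? { |req| req === Gem::Version.new(v) }
  end
  { criticality: criticality_for(data['cvss_v2']), vulnerable: flagged }
end

p audit_versions(SAMPLE_ADVISORY, %w[2.3.17 2.3.18 3.0.0 3.2.12 3.2.13])
```

An advisory with no patched_versions key yields an empty requirement list, so every version passed in is reported as vulnerable.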