Class: Bundler::Audit::Advisory
- Inherits:
-
Struct
- Object
- Struct
- Bundler::Audit::Advisory
- Defined in:
- lib/bundler/audit/advisory.rb
Instance Attribute Summary
-
#cve ⇒ Object
Returns the value of attribute cve.
-
#cvss_v2 ⇒ Object
Returns the value of attribute cvss_v2.
-
#cvss_v3 ⇒ Object
Returns the value of attribute cvss_v3.
-
#date ⇒ Object
Returns the value of attribute date.
-
#description ⇒ Object
Returns the value of attribute description.
-
#ghsa ⇒ Object
Returns the value of attribute ghsa.
-
#id ⇒ Object
(also: #to_s)
Returns the value of attribute id.
-
#osvdb ⇒ Object
Returns the value of attribute osvdb.
-
#patched_versions ⇒ Object
Returns the value of attribute patched_versions.
-
#path ⇒ Object
Returns the value of attribute path.
-
#title ⇒ Object
Returns the value of attribute title.
-
#unaffected_versions ⇒ Object
Returns the value of attribute unaffected_versions.
-
#url ⇒ Object
Returns the value of attribute url.
Class Method Summary
-
.load(path) ⇒ Advisory
Loads the advisory from a YAML file.
Instance Method Summary
-
#criticality ⇒ :none, ...
Determines how critical the vulnerability is.
-
#cve_id ⇒ String?
The CVE identifier.
-
#ghsa_id ⇒ String?
The GHSA (GitHub Security Advisory) identifier.
-
#identifiers ⇒ Array<String>
Returns the list of all identifiers, with absent ones removed.
-
#osvdb_id ⇒ String?
The OSVDB identifier.
-
#patched?(version) ⇒ Boolean
Checks whether the version is patched against the advisory.
-
#unaffected?(version) ⇒ Boolean
Checks whether the version is not affected by the advisory.
-
#vulnerable?(version) ⇒ Boolean
Checks whether the version is vulnerable to the advisory.
Instance Attribute Details
#cve ⇒ Object
Returns the value of attribute cve
# File 'lib/bundler/audit/advisory.rb', line 22
#
# The CVE number fragment of the advisory, i.e. the part after "CVE-"
# (#cve_id prepends the prefix). Populated by .load from the YAML +cve+ key;
# nil when the advisory carries no CVE.
#
# NOTE: Struct member accessor; YARD renders it as an ivar reader.
#
# @return [String, nil] value as found in the YAML (not type-checked)
def cve
  @cve
end
#cvss_v2 ⇒ Object
Returns the value of attribute cvss_v2
# File 'lib/bundler/audit/advisory.rb', line 22
#
# The CVSS v2 base score of the advisory, read by .load from the YAML
# +cvss_v2+ key and used by #criticality when no v3 score is present.
# nil when the advisory has no v2 score.
#
# NOTE: Struct member accessor; YARD renders it as an ivar reader.
#
# @return [Float, nil] value as found in the YAML (not type-checked)
def cvss_v2
  @cvss_v2
end
#cvss_v3 ⇒ Object
Returns the value of attribute cvss_v3
# File 'lib/bundler/audit/advisory.rb', line 22
#
# The CVSS v3 base score of the advisory, read by .load from the YAML
# +cvss_v3+ key. #criticality prefers this score over #cvss_v2 whenever it
# is present. nil when the advisory has no v3 score.
#
# NOTE: Struct member accessor; YARD renders it as an ivar reader.
#
# @return [Float, nil] value as found in the YAML (not type-checked)
def cvss_v3
  @cvss_v3
end
#date ⇒ Object
Returns the value of attribute date
# File 'lib/bundler/audit/advisory.rb', line 22
#
# The publication date of the advisory, read by .load from the YAML
# +date+ key (a bare YAML date scalar becomes a Date object).
#
# NOTE: Struct member accessor; YARD renders it as an ivar reader.
#
# @return [Date, nil] value as found in the YAML (not type-checked)
def date
  @date
end
#description ⇒ Object
Returns the value of attribute description
# File 'lib/bundler/audit/advisory.rb', line 22
#
# Free-text description of the vulnerability, read by .load from the YAML
# +description+ key.
#
# NOTE: Struct member accessor; YARD renders it as an ivar reader.
#
# @return [String, nil] value as found in the YAML (not type-checked)
def description
  @description
end
#ghsa ⇒ Object
Returns the value of attribute ghsa
# File 'lib/bundler/audit/advisory.rb', line 22
#
# The GitHub Security Advisory fragment, i.e. the part after "GHSA-"
# (#ghsa_id prepends the prefix). Populated by .load from the YAML +ghsa+
# key; nil when the advisory carries no GHSA.
#
# NOTE: Struct member accessor; YARD renders it as an ivar reader.
#
# @return [String, nil] value as found in the YAML (not type-checked)
def ghsa
  @ghsa
end
#id ⇒ Object Also known as: to_s
Returns the value of attribute id
# File 'lib/bundler/audit/advisory.rb', line 22
#
# The advisory identifier. .load derives it from the advisory file name
# (basename with the +.yml+ extension removed), not from the YAML body.
# Also exposed as #to_s.
#
# NOTE: Struct member accessor; YARD renders it as an ivar reader.
#
# @return [String]
def id
  @id
end
#osvdb ⇒ Object
Returns the value of attribute osvdb
# File 'lib/bundler/audit/advisory.rb', line 22
#
# The OSVDB fragment, i.e. the part after "OSVDB-" (#osvdb_id prepends the
# prefix). Populated by .load from the YAML +osvdb+ key; nil when absent.
#
# NOTE: Struct member accessor; YARD renders it as an ivar reader.
#
# @return [String, Integer, nil] value as found in the YAML (not type-checked)
def osvdb
  @osvdb
end
#patched_versions ⇒ Object
Returns the value of attribute patched_versions
# File 'lib/bundler/audit/advisory.rb', line 22
#
# The version requirements that contain the fix. .load builds one
# Gem::Requirement per entry of the YAML +patched_versions+ list (an absent
# list yields []); #patched? matches a version against them.
#
# NOTE: Struct member accessor; YARD renders it as an ivar reader.
#
# @return [Array<Gem::Requirement>]
def patched_versions
  @patched_versions
end
#path ⇒ Object
Returns the value of attribute path
# File 'lib/bundler/audit/advisory.rb', line 22
#
# Path of the advisory +.yml+ file this object was loaded from (the
# argument given to .load).
#
# NOTE: Struct member accessor; YARD renders it as an ivar reader.
#
# @return [String]
def path
  @path
end
#title ⇒ Object
Returns the value of attribute title
# File 'lib/bundler/audit/advisory.rb', line 22
#
# Short title of the advisory, read by .load from the YAML +title+ key.
#
# NOTE: Struct member accessor; YARD renders it as an ivar reader.
#
# @return [String, nil] value as found in the YAML (not type-checked)
def title
  @title
end
#unaffected_versions ⇒ Object
Returns the value of attribute unaffected_versions
# File 'lib/bundler/audit/advisory.rb', line 22
#
# The version requirements that were never affected. .load builds one
# Gem::Requirement per entry of the YAML +unaffected_versions+ list (an
# absent list yields []); #unaffected? matches a version against them.
#
# NOTE: Struct member accessor; YARD renders it as an ivar reader.
#
# @return [Array<Gem::Requirement>]
def unaffected_versions
  @unaffected_versions
end
#url ⇒ Object
Returns the value of attribute url
# File 'lib/bundler/audit/advisory.rb', line 22
#
# Reference URL for the advisory, read by .load from the YAML +url+ key.
#
# NOTE: Struct member accessor; YARD renders it as an ivar reader.
#
# @return [String, nil] value as found in the YAML (not type-checked)
def url
  @url
end
Class Method Details
.load(path) ⇒ Advisory
Loads the advisory from a YAML file.
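# File 'lib/bundler/audit/advisory.rb', line 46
#
# Loads the advisory from a YAML file.
#
# The advisory id is taken from the file name (minus the +.yml+ extension),
# not from the document body. The document is parsed with YAML.safe_load
# rather than YAML.load_file, so an advisory file that was tampered with
# cannot instantiate arbitrary Ruby objects through +!ruby/object+ tags.
# Date is the only non-core class the advisory format needs (the +date:+
# scalar); everything else must be plain YAML data.
#
# @param [String] path
#   Path to the advisory +.yml+ file.
#
# @return [Advisory]
#
# @raise [RuntimeError]
#   The YAML document was not a Hash (empty or malformed file).
#
# @raise [Psych::DisallowedClass, Psych::SyntaxError]
#   The file used a YAML tag that is not permitted, or was not valid YAML.
#
def self.load(path)
  id = File.basename(path).chomp('.yml')

  # Date must be defined before it can be named in permitted_classes.
  # (The permitted_classes: keyword needs Psych >= 3.1.)
  require 'date'
  data = YAML.safe_load(File.read(path), permitted_classes: [Date])

  unless data.kind_of?(Hash)
    raise("advisory data in #{path.dump} was not a Hash")
  end

  # Each requirement string may hold several comma-separated clauses
  # (e.g. ">= 1.2, < 2.0"); a missing list becomes [].
  parse_versions = lambda { |versions|
    Array(versions).map do |version|
      Gem::Requirement.new(*version.split(', '))
    end
  }

  new(
    path,
    id,
    data['url'],
    data['title'],
    data['date'],
    data['description'],
    data['cvss_v2'],
    data['cvss_v3'],
    data['cve'],
    data['osvdb'],
    data['ghsa'],
    parse_versions[data['unaffected_versions']],
    parse_versions[data['patched_versions']]
  )
end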
Instance Method Details
#criticality ⇒ :none, ...
Determines how critical the vulnerability is.
# File 'lib/bundler/audit/advisory.rb', line 127
#
# Determines how critical the vulnerability is.
#
# The CVSS v3 score is used when present, otherwise the CVSS v2 score.
# Returns nil when neither score is present or when the score falls outside
# the known bands (a non-numeric score, e.g. a quoted YAML string, matches
# no band and also yields nil).
#
# @return [:none, :low, :medium, :high, :critical, nil]
#
def criticality
  # CVSS v3.x qualitative severity bands.
  v3_bands = [
    [0.0,       :none],
    [0.1..3.9,  :low],
    [4.0..6.9,  :medium],
    [7.0..8.9,  :high],
    [9.0..10.0, :critical]
  ]
  # CVSS v2 bands: the v2 scale has no :none or :critical level.
  v2_bands = [
    [0.0..3.9,  :low],
    [4.0..6.9,  :medium],
    [7.0..10.0, :high]
  ]

  score, bands = if cvss_v3
                   [cvss_v3, v3_bands]
                 elsif cvss_v2
                   [cvss_v2, v2_bands]
                 end
  return unless bands

  match = bands.find { |band, _label| band === score }
  match && match.last
end
#cve_id ⇒ String?
The CVE identifier.
# File 'lib/bundler/audit/advisory.rb', line 82
#
# The CVE identifier.
#
# @return [String, nil]
#   "CVE-" followed by #cve, or nil when the advisory has no CVE.
#
def cve_id
  return unless cve

  "CVE-#{cve}"
end
#ghsa_id ⇒ String?
The GHSA (GitHub Security Advisory) identifier.
# File 'lib/bundler/audit/advisory.rb', line 102
#
# The GHSA (GitHub Security Advisory) identifier.
#
# @return [String, nil]
#   "GHSA-" followed by #ghsa, or nil when the advisory has no GHSA.
#
def ghsa_id
  return unless ghsa

  "GHSA-#{ghsa}"
end
#identifiers ⇒ Array<String>
Returns the list of all identifiers, with absent ones removed.
# File 'lib/bundler/audit/advisory.rb', line 113
#
# Returns the list of all identifiers, with absent ones removed.
#
# @return [Array<String>]
#   #cve_id, #osvdb_id and #ghsa_id, in that order, skipping the nil ones
#   (empty when the advisory has none of them).
#
def identifiers
  ids = [cve_id, osvdb_id, ghsa_id]
  ids.reject(&:nil?)
end
#osvdb_id ⇒ String?
The OSVDB identifier.
# File 'lib/bundler/audit/advisory.rb', line 91
#
# The OSVDB identifier.
#
# @return [String, nil]
#   "OSVDB-" followed by #osvdb, or nil when the advisory has no OSVDB entry.
#
def osvdb_id
  return unless osvdb

  "OSVDB-#{osvdb}"
end
#patched?(version) ⇒ Boolean
Checks whether the version is patched against the advisory.
# File 'lib/bundler/audit/advisory.rb', line 173
#
# Checks whether the version is patched against the advisory.
#
# @param [Gem::Version] version
#   The version to check. Entries built by .load are Gem::Requirement
#   objects, whose +===+ expects a Gem::Version.
#
# @return [Boolean]
#   true as soon as one entry of #patched_versions matches +version+;
#   false otherwise, including when the list is empty (no known fix).
#
def patched?(version)
  patched_versions.each do |requirement|
    return true if requirement === version
  end
  false
end
#unaffected?(version) ⇒ Boolean
Checks whether the version is not affected by the advisory.
# File 'lib/bundler/audit/advisory.rb', line 156
#
# Checks whether the version is not affected by the advisory.
#
# @param [Gem::Version] version
#   The version to check. Entries built by .load are Gem::Requirement
#   objects, whose +===+ expects a Gem::Version.
#
# @return [Boolean]
#   true as soon as one entry of #unaffected_versions matches +version+;
#   false otherwise, including when the list is empty.
#
def unaffected?(version)
  unaffected_versions.each do |requirement|
    return true if requirement === version
  end
  false
end
#vulnerable?(version) ⇒ Boolean
Checks whether the version is vulnerable to the advisory.
# File 'lib/bundler/audit/advisory.rb', line 188
#
# Checks whether the version is vulnerable to the advisory.
#
# A version is vulnerable unless it is either patched (#patched?) or was
# never affected (#unaffected?). #unaffected? is only consulted when
# #patched? is false. With empty #patched_versions and #unaffected_versions
# every version is reported as vulnerable.
#
# @param [Gem::Version] version
#   The version to check.
#
# @return [Boolean]
#
def vulnerable?(version)
  !(patched?(version) || unaffected?(version))
end