class Dawn::Kb::CVE_2014_2525
Automatically created with rake on 2014-03-31
Public Class Methods
new()
click to toggle source
Calls superclass method
Dawn::Kb::ComboCheck::new
# File lib/dawn/kb/cve_2014_2525.rb, line 38 def initialize message = "" super({ :name=>"CVE-2014-2525", :cvss=>"", :release_date => Date.new(2014, 3, 28), :cwe=>"", :owasp=>"A9", :applies=>["rails", "sinatra", "padrino"], :kind=>Dawn::KnowledgeBase::COMBO_CHECK, :message=>message, :mitigation=>"Please upgrade your system libyaml or upgrade psych gem to version 2.0.5 or higher that is linked with a safe libyaml version.", :aux_links=>["https://www.ruby-lang.org/en/news/2014/03/29/heap-overflow-in-yaml-uri-escape-parsing-cve-2014-2525"], :severity=>:high, :prority=>:high, :checks=>[CVE_2014_2525_a.new, CVE_2014_2525_b.new] }) end