class Brakeman::CheckSQLCVEs

Public Instance Methods

check_cve_2014_0080() click to toggle source
# File lib/brakeman/checks/check_sql_cves.rb, line 95
def check_cve_2014_0080
  return unless version_between? "4.0.0", "4.0.2" and
                @tracker.config.has_gem? :pg

  warn :warning_type => 'SQL Injection',
    :warning_code => :CVE_2014_0080,
    :message => msg(msg_version(rails_version), " contains a SQL injection vulnerability ", msg_cve("CVE-2014-0080"), " with PostgreSQL. Upgrade to ", msg_version("4.0.3")),
    :confidence => :high,
    :gem_info => gemfile_or_environment(:pg),
    :link_path => "https://groups.google.com/d/msg/rubyonrails-security/Wu96YkTUR6s/pPLBMZrlwvYJ"
end
check_rails_versions_against_cve_issues() click to toggle source
# File lib/brakeman/checks/check_sql_cves.rb, line 13
def check_rails_versions_against_cve_issues
  issues = [
    {
      :cve => "CVE-2012-2660",
      :versions => [%w[2.0.0 2.3.14 2.3.17], %w[3.0.0 3.0.12 3.0.13], %w[3.1.0 3.1.4 3.1.5], %w[3.2.0 3.2.3 3.2.4]],
      :url => "https://groups.google.com/d/topic/rubyonrails-security/8SA-M3as7A8/discussion"
    },
    {
      :cve => "CVE-2012-2661",
      :versions => [%w[3.0.0 3.0.12 3.0.13], %w[3.1.0 3.1.4 3.1.5], %w[3.2.0 3.2.3 3.2.5]],
      :url => "https://groups.google.com/d/topic/rubyonrails-security/dUaiOOGWL1k/discussion"
    },
    {
      :cve => "CVE-2012-2695",
      :versions => [%w[2.0.0 2.3.14 2.3.15], %w[3.0.0 3.0.13 3.0.14], %w[3.1.0 3.1.5 3.1.6], %w[3.2.0 3.2.5 3.2.6]],
      :url => "https://groups.google.com/d/topic/rubyonrails-security/l4L0TEVAz1k/discussion"
    },
    {
      :cve => "CVE-2012-5664",
      :versions => [%w[2.0.0 2.3.14 2.3.15], %w[3.0.0 3.0.17 3.0.18], %w[3.1.0 3.1.8 3.1.9], %w[3.2.0 3.2.9 3.2.18]],
      :url => "https://groups.google.com/d/topic/rubyonrails-security/DCNTNp_qjFM/discussion"
    },
    {
      :cve => "CVE-2013-0155",
      :versions => [%w[2.0.0 2.3.15 2.3.16], %w[3.0.0 3.0.18 3.0.19], %w[3.1.0 3.1.9 3.1.10], %w[3.2.0 3.2.10 3.2.11]],
      :url => "https://groups.google.com/d/topic/rubyonrails-security/c7jT-EeN9eI/discussion"
    },
    {
      :cve => "CVE-2016-6317",
      :versions => [%w[4.2.0 4.2.7.0 4.2.7.1]],
      :url => "https://groups.google.com/d/msg/ruby-security-ann/WccgKSKiPZA/9DrsDVSoCgAJ"
    },

  ]

  unless lts_version? '2.3.18.6'
   issues << {
      :cve => "CVE-2013-6417",
      :versions => [%w[2.0.0 3.2.15 3.2.16], %w[4.0.0 4.0.1 4.0.2]],
      :url => "https://groups.google.com/d/msg/ruby-security-ann/niK4drpSHT4/g8JW8ZsayRkJ"
    }
  end

  if tracker.config.has_gem? :pg
    issues << {
      :cve => "CVE-2014-3482",
      :versions => [%w[2.0.0 2.9.9 3.2.19], %w[3.0.0 3.2.18 3.2.19], %w[4.0.0 4.0.6 4.0.7], %w[4.1.0 4.1.2 4.1.3]],
      :url => "https://groups.google.com/d/msg/rubyonrails-security/wDxePLJGZdI/WP7EasCJTA4J"
    } <<
    {
      :cve => "CVE-2014-3483",
      :versions => [%w[2.0.0 2.9.9 3.2.19], %w[3.0.0 3.2.18 3.2.19], %w[4.0.0 4.0.6 4.0.7], %w[4.1.0 4.1.2 4.1.3]],
      :url => "https://groups.google.com/d/msg/rubyonrails-security/wDxePLJGZdI/WP7EasCJTA4J" }
  end

  issues.each do |cve_issue|
    cve_warning_for cve_issue[:versions], cve_issue[:cve], cve_issue[:url]
  end
end
cve_warning_for(versions, cve, link) click to toggle source
# File lib/brakeman/checks/check_sql_cves.rb, line 73
def cve_warning_for versions, cve, link
  upgrade_version = upgrade_version? versions
  return unless upgrade_version

  code = cve.tr('-', '_').to_sym

  warn :warning_type => 'SQL Injection',
    :warning_code => code,
    :message => msg(msg_version(rails_version), " contains a SQL injection vulnerability ", msg_cve(cve), ". Upgrade to ", msg_version(upgrade_version)),
    :confidence => :high,
    :gem_info => gemfile_or_environment,
    :link_path => link
end
run_check() click to toggle source
# File lib/brakeman/checks/check_sql_cves.rb, line 8
def run_check
  check_rails_versions_against_cve_issues
  check_cve_2014_0080
end
upgrade_version?(versions) click to toggle source
# File lib/brakeman/checks/check_sql_cves.rb, line 87
def upgrade_version? versions
  versions.each do |low, high, upgrade|
    return upgrade if version_between? low, high
  end

  false
end