Skip to content

Commit a2388e3

Browse files
0llirocks0llirocks
committed
Add test cases for empty metric value
1 parent d3d10c9 commit a2388e3

File tree

3 files changed

+21
-0
lines changed

3 files changed

+21
-0
lines changed

spec/cvss2/cvss2_spec.rb

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -33,6 +33,7 @@
3333
end
3434
let(:invalid_cvss2_extra_slash) { CvssSuite.new('AV:N//AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C') }
3535
let(:invalid_cvss2_wrong_value) { CvssSuite.new('AV:N/AC:L/Au:N/C:P/I:P/A:P/E:R/RL:OF/RC:C') }
36+
let(:invalid_cvss2_empty_value) { CvssSuite.new('AV:N/AC:L/Au:N/C:P/I:P/A:P/E:/RL:OF/RC:C') }
3637

3738
describe 'valid cvss2' do
3839
subject { valid_cvss2 }
@@ -136,6 +137,12 @@
136137
it_behaves_like 'a invalid cvss vector with version', 2
137138
end
138139

140+
describe 'invalid cvss2 with empty value for Exploit Code Maturity (E)' do
141+
subject { invalid_cvss2_empty_value }
142+
143+
it_behaves_like 'a invalid cvss vector with version', 2
144+
end
145+
139146
# Severity tests https://nvd.nist.gov/vuln-metrics/cvss
140147
# v2 Severity High: 7.0 - 10.0
141148
describe 'valid cvss2_severity_high' do

spec/cvss3/cvss3_spec.rb

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -48,6 +48,7 @@
4848
end
4949
let(:invalid_cvss3_extra_slash) { CvssSuite.new('CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N//I:N/A:H/E:P/RL:U/RC:C/') }
5050
let(:invalid_cvss3_wrong_value) { CvssSuite.new('CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:R/RL:U/RC:C') }
51+
let(:invalid_cvss3_empty_value) { CvssSuite.new('CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:/RL:U/RC:C') }
5152

5253
describe 'valid cvss3' do
5354
subject { valid_cvss3 }
@@ -187,6 +188,12 @@
187188
it_behaves_like 'a invalid cvss vector with version', 3.0
188189
end
189190

191+
describe 'invalid cvss3 with empty value for Exploit Code Maturity (E)' do
192+
subject { invalid_cvss3_empty_value }
193+
194+
it_behaves_like 'a invalid cvss vector with version', 3.0
195+
end
196+
190197
describe 'correct vector' do
191198
[
192199
['CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L', 'CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L'],

spec/cvss31/cvss31_spec.rb

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -47,6 +47,7 @@
4747
end
4848
let(:invalid_cvss31_extra_slash) { CvssSuite.new('CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N//I:N/A:H/E:P/RL:U/RC:C/') }
4949
let(:invalid_cvss31_wrong_value) { CvssSuite.new('CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:R/RL:U/RC:C') }
50+
let(:invalid_cvss31_empty_value) { CvssSuite.new('CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:/RL:U/RC:C') }
5051

5152
describe 'valid cvss31' do
5253
subject { valid_cvss31 }
@@ -186,6 +187,12 @@
186187
it_behaves_like 'a invalid cvss vector with version', 3.1
187188
end
188189

190+
describe 'invalid cvss31 with wrong value for Exploit Code Maturity (E)' do
191+
subject { invalid_cvss31_empty_value }
192+
193+
it_behaves_like 'a invalid cvss vector with version', 3.1
194+
end
195+
189196
describe 'correct vector' do
190197
[
191198
['CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L', 'CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L'],

0 commit comments

Comments
 (0)