Skip to content

Choosing the wrong resolved-in version for CVE-2024-6286 on Citrix Workspace for Windows #31303

Closed
Closed
Choosing the wrong resolved-in version for CVE-2024-6286 on Citrix Workspace for Windows#31303
Assignees
sharon-fdm
Labels
#g-security-complianceSecurity & Compliance product group:releaseReady to write code. Scheduled in a release. See "Making changes" in handbook.bugSomething isn't working as documented~assisting qaThis issue can be QA'd by anyone outside the QA team when capacity allows~old bugBug has been open over 180 days~software-ingestionIssue regarding ingesting software inventory from a host into Fleet.~vulnerability-management
Milestone
4.83.0
@jahzielv

Description

@jahzielv
jahzielv
opened on Jul 25, 2025

Fleet version: 4.71.0

Web browser and operating system: N/A

💥  Actual behavior

We're choosing version 2403.1 as the resolved-in version, but we should be choosing 2402 since it's earlier:

Image

🧑‍💻  Steps to reproduce

  1. Run TestTranslateCPEToCVE/find_vulns_on_cpes
  2. Note that the earlier version and the one expected in the test do not match

🕯️ More info (optional)

Vulncheck link: https://console.vulncheck.com/cve/CVE-2024-6286

Metadata

Metadata

Assignees

Labels

#g-security-complianceSecurity & Compliance product group:releaseReady to write code. Scheduled in a release. See "Making changes" in handbook.bugSomething isn't working as documented~assisting qaThis issue can be QA'd by anyone outside the QA team when capacity allows~old bugBug has been open over 180 days~software-ingestionIssue regarding ingesting software inventory from a host into Fleet.~vulnerability-management

Type

No type

Projects

🛡️ #g-security-compliance

Status

Done

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions