search

fleetdm / fleet

Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center)
https://fleetdm.com
Other
3.01k stars 417 forks source link

Homebrew intelij `-ce` not flagging vuln #19853

Closed pacamaster closed 1 month ago

pacamaster commented 3 months ago

Fleet version: <!-- Copy this from the "My account" page in the Fleet UI, or run fleetctl --version --> Fleet 4.50.2 Web browser and operating system: Current browser and OS

💥  Actual behavior

-ce extensions are not being flagged under homebrew for https://nvd.nist.gov/vuln/detail/CVE-2024-37051 image image Same behavior with pycham image

🧑‍💻  Steps to reproduce

  1. TODO

🕯️ More info (optional)

This does seem to flag as the normal app but are not picked up when searching specific to the homebrew. The .app without -ce looks like is inclusive to the homebrew packages with this CVE.

JoStableford commented 3 months ago

Related to a Slack conversation

sharon-fdm commented 3 months ago

Hey team! Please add your planning poker estimate with Zenhub @getvictor @mostlikelee @lucasmrod

sharon-fdm commented 3 months ago

Hey team! Please add your planning poker estimate with Zenhub @jacobshandling @RachelElysia

fleet-release commented 1 month ago

Fleet spots the unseen, In the cloud city's glow, a safer code routine.