fleetdm / fleet

Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center)
https://fleetdm.com

Potential false positives for CVEs related to Google Chrome in Fleet 4.51.0 #20058

Closed ddribeiro closed 2 weeks ago

ddribeiro commented 3 months ago

Fleet version: 4.51.0


💥  Actual behavior

A customer is reporting that CVEs are being reported for a version of Google Chrome that has already been patched. The attached screenshots show multiple CVEs related to Chrome appearing 829 times in the Fleet environment even though all hosts (274) were patched with a version of Chrome. This CVE should no longer be appearing in Fleet.

(Screenshots: IMG_1116, IMG_1117)

🕯️ More info (optional)

The CVEs in question appear in Dogfood, but the numbers appear to be accurate. I am attempting to get a screenshot of what the CVE detail page looks like in the customer's environment to learn more about which software pieces they apply to and whether versions of Chrome that don't actually appear in the environment are being reported.

JoStableford commented 3 months ago

Related to a Slack conversation

sharon-fdm commented 3 months ago

Hey team! Please add your planning poker estimate with Zenhub @getvictor @jacobshandling @lucasmrod @mostlikelee @RachelElysia

sharon-fdm commented 2 months ago

Timebox 2 points to reproduce.

mostlikelee commented 1 month ago

@ddribeiro cleanup for vulnerabilities runs every 2 * periodicity (1hr being the default periodicity for the vulnerability cron). So, found vulnerabilities that no longer apply are deleted at that time. Could this be what we're running into here?
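The comment above gives a way to separate an expected stale finding from a genuine false positive: a CVE that no longer applies is only removed at the next cleanup tick, which fires every 2 * periodicity. The following Go program is an added example, not Fleet's own code; it models that schedule so that, given when a host was patched and when the stale CVE was still seen, you can tell whether the observation falls inside the cleanup lag (nothing to investigate yet) or after it (a candidate false positive worth a detail-page check). The tick alignment (`CronStart`, ticks at fixed multiples of the interval) and the `CleanupSchedule` type are assumptions made for the example; the page only states the 2 * periodicity rule and the 1h default.

```go
package main

import (
	"fmt"
	"time"
)

// CleanupSchedule models the vulnerability cron as described in the thread:
// detection runs every Periodicity, stale findings are purged every
// 2 * Periodicity. CronStart (the tick the schedule is aligned to) is an
// assumption for this example, not something Fleet exposes on the page.
type CleanupSchedule struct {
	CronStart   time.Time
	Periodicity time.Duration
}

// MaxStaleLag is the worst case a no-longer-applicable CVE survives:
// one full cleanup interval (2 * periodicity; 2h with the 1h default).
func (s CleanupSchedule) MaxStaleLag() time.Duration {
	return 2 * s.Periodicity
}

// NextCleanupAfter returns the first cleanup tick strictly after t.
// Ticks are at CronStart + k*interval for k = 1, 2, ...
func (s CleanupSchedule) NextCleanupAfter(t time.Time) time.Time {
	interval := s.MaxStaleLag()
	elapsed := t.Sub(s.CronStart)
	if elapsed < 0 {
		elapsed = 0
	}
	k := elapsed/interval + 1
	return s.CronStart.Add(k * interval)
}

// ExplainedByCleanupLag reports whether seeing the CVE at observedAt, on a
// host patched at patchedAt, is still within the window in which the stale
// row has simply not been purged yet. A false return means the finding
// outlived a cleanup run and should be investigated as a real false positive.
func (s CleanupSchedule) ExplainedByCleanupLag(patchedAt, observedAt time.Time) bool {
	return observedAt.Before(s.NextCleanupAfter(patchedAt))
}

func main() {
	// Constructed sample timeline for the example (not customer data).
	s := CleanupSchedule{
		CronStart:   time.Date(2024, 6, 1, 8, 0, 0, 0, time.UTC),
		Periodicity: time.Hour, // the default periodicity mentioned in the thread
	}
	patched := time.Date(2024, 6, 1, 9, 10, 0, 0, time.UTC)

	for _, seen := range []time.Time{
		time.Date(2024, 6, 1, 9, 45, 0, 0, time.UTC),  // before next cleanup at 10:00
		time.Date(2024, 6, 1, 10, 30, 0, 0, time.UTC), // after it: not cleanup lag
	} {
		fmt.Printf("patched %s, still seen %s, next cleanup %s, cleanup lag explains it: %v\n",
			patched.Format(time.Kitchen), seen.Format(time.Kitchen),
			s.NextCleanupAfter(patched).Format(time.Kitchen),
			s.ExplainedByCleanupLag(patched, seen))
	}
}
```

With the 1h default, any CVE that is still listed more than two hours after every host reported the patched version cannot be the cleanup lag described above, which is the point at which collecting the CVE detail page (which software rows and versions the finding is attached to) becomes worthwhile.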

xpkoala commented 3 weeks ago

@ddribeiro was there any follow up to this issue? If not we'll be closing it out as stale. Thank you!

ddribeiro commented 3 weeks ago

@xpkoala The customer responded to my thread last night with a link to schedule a troubleshooting call. I think we're going to set something up to learn more details about the behavior and report back.

ddribeiro commented 2 weeks ago

@xpkoala We can go ahead and close this issue. We haven't been able to get more info on the customer side of things.

cc: @mostlikelee

fleet-release commented 2 weeks ago

Chrome patched, yet still, CVEs echo wrongly, Fleet's truth will dispel.