fleetdm
Search software by CVE on host detail / software inventory pages
Problem
https://github.com/fleetdm/fleet/pull/27490#discussion_r2034542608
There was a discussion about how the search box on the host software detail page and software inventory page should work. Currently when using this search box, it searches software names and cves. However, this can lead to the user trying to search for a cve and also getting results that don't have any vulnerabilities. For example the search term "ve".
What have you tried?
I search for "ve" on the host software page or on the software inventory page and I get results back for software that matches that name and many softwares that have vulnerabilities.
Potential solutions
Since all cves begin with "CVE-". Could we more intelligently detect if a user is intending to search for a CVE and only search for and surface software that is vulnerable when the prefix is available. Otherwise only search software name. In the results table, would it be useful to show what part of the row matched? Highlight the part of the name that matched or the cve that matched?
What is the expected workflow as a result of your proposal?
I search for "CVE-2024" and I only get software that has vulnerabilities reported in 2024. I search for "2024" and I only get software that has 2024 in the name.
