From 647ffc6bf199bd14db3319f790b5d61b0da98e27 Mon Sep 17 00:00:00 2001
From: Victor Lyuboslavsky <victor.lyuboslavsky@gmail.com>
Date: Wed, 7 Aug 2024 19:46:33 +0200
Subject: [PATCH] Exclude ios_apps and ipados_apps from normal vuln processing.
 (#21143)

#21142
---
 server/vulnerabilities/nvd/cpe.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/server/vulnerabilities/nvd/cpe.go b/server/vulnerabilities/nvd/cpe.go
index 9d20820d08..abcfc01313 100644
--- a/server/vulnerabilities/nvd/cpe.go
+++ b/server/vulnerabilities/nvd/cpe.go
@@ -443,7 +443,8 @@ func TranslateSoftwareToCPE(
 	nonOvalIterator, err := ds.AllSoftwareIterator(
 		ctx,
 		fleet.SoftwareIterQueryOptions{
-			ExcludedSources: oval.SupportedSoftwareSources,
+			// Also exclude iOS and iPadOS apps until we enable vulnerabilities support for them.
+			ExcludedSources: append(oval.SupportedSoftwareSources, "ios_apps", "ipados_apps"),
 		},
 	)
 	if err != nil {