From 96e96e5e66c4ca0acf4cee6489ca632bb7f2678b Mon Sep 17 00:00:00 2001
From: Johannes Helmold <johannes.helmold@greenbone.net>
Date: Fri, 29 Sep 2023 09:24:45 +0200
Subject: [PATCH] Use case-insensitive comparison for CPEs in CVE scanner.

Because some CVEs where not found because of a different notation
(with capital letters / without capital letters) the comparison
for the CPEs in the CVE scanner is now made case-insensitive.
---
 src/manage_sql.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/manage_sql.c b/src/manage_sql.c
index 0eb7005d3..e4750a57e 100644
--- a/src/manage_sql.c
+++ b/src/manage_sql.c
@@ -20112,7 +20112,7 @@ init_host_prognosis_iterator (iterator_t* iterator, report_host_t report_host)
                  " FROM scap.cves, scap.cpes, scap.affected_products,"
                  "      report_host_details"
                  " WHERE report_host_details.report_host = %llu"
-                 " AND cpes.name = report_host_details.value"
+                 " AND LOWER(cpes.name) = LOWER(report_host_details.value)"
                  " AND report_host_details.name = 'App'"
                  " AND cpes.id=affected_products.cpe"
                  " AND cves.id=affected_products.cve"