fixes Issue rapid7#5272 on report_vuln

David Maloney · David Maloney · commit 18874fe384e1 · 2015-04-30T15:21:56.000-05:00
use includes instead of joins so that refs on
the vuln are not marked as readonly
diff --git a/lib/msf/core/db_manager/vuln.rb b/lib/msf/core/db_manager/vuln.rb
@@ -46,7 +46,7 @@ def find_vuln_by_details(details_map, host, service=nil)
 
   def find_vuln_by_refs(refs, host, service=nil)
     ref_ids = refs.find_all { |ref| ref.name.starts_with? 'CVE-'}
-    host.vulns.joins(:refs).where(service_id: service.try(:id), refs: { id: ref_ids}).first
+    host.vulns.includes(:refs).where(service_id: service.try(:id), refs: { id: ref_ids}).first
   end
 
   def get_vuln(wspace, host, service, name, data='')
