Security dashboard lists vulnerabilities even when they are fixed
Summary
Security dashboard lists vulnerabilities even when they are fixed
Steps to reproduce
- Create a simple project with CS (container scanning) and a Dockerfile using the base image ubuntu:16.04. An example project can be found here
- Security dashboard should find some vulnerabilities.
- Create an MR to fix all those vulnerabilities. You can do that by changing the base image to alpine:3.5
- Go to the dashboard; you will observe vulnerabilities from ubuntu, and they will be in the detected state.
Example Project
- https://staging.gitlab.com/caneldem/alpine new security dashboard
What is the expected correct behavior?
The status of fixed vulnerabilities should be resolved
Relevant logs and/or screenshots
Possible fixes
We should only get the latest successful pipeline: https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/app/controllers/concerns/project_vulnerability_findings_actions.rb#L13
Edited by Can Eldem
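
The difference between the reported behaviour and the proposed fix, as an added example in plain Ruby. This is not GitLab's code: the `Pipeline` struct, the function names and the finding identifiers are all hypothetical, and it assumes that a higher pipeline id means a later pipeline.

```ruby
# Added illustration; not GitLab's implementation. All names are hypothetical.
Pipeline = Struct.new(:id, :status, :base_image, :findings, keyword_init: true)

# Constructed sample data mirroring the reproduction steps:
# pipeline 1 scanned ubuntu:16.04, pipeline 2 failed before producing a report,
# pipeline 3 scanned alpine:3.5 after the fixing MR.
PIPELINES = [
  Pipeline.new(id: 1, status: :success, base_image: "ubuntu:16.04",
               findings: ["SAMPLE-VULN-A", "SAMPLE-VULN-B"]),
  Pipeline.new(id: 2, status: :failed, base_image: "alpine:3.5", findings: []),
  Pipeline.new(id: 3, status: :success, base_image: "alpine:3.5", findings: [])
].freeze

# Reported behaviour: findings from every pipeline are listed as detected,
# so findings from the old ubuntu image never leave the dashboard.
def detected_across_all(pipelines)
  pipelines.flat_map(&:findings).uniq
end

# Proposed behaviour: only the latest successful pipeline is authoritative.
# Assumption: ids increase over time, so the highest id is the latest run.
def latest_successful(pipelines)
  pipelines.select { |p| p.status == :success }.max_by(&:id)
end

# Every finding ever seen is marked :detected if the latest successful
# pipeline still reports it, and :resolved otherwise.
def dashboard_states(pipelines)
  latest = latest_successful(pipelines)
  current = latest ? latest.findings : []
  detected_across_all(pipelines).to_h do |finding|
    [finding, current.include?(finding) ? :detected : :resolved]
  end
end
```

Filtering on success matters: if the latest run failed and reported nothing, its empty report must not mark findings as resolved, so the previous successful pipeline stays authoritative.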