github anchore/grype v0.15.0

latest releases: v0.46.0, v0.45.0, v0.44.0...
12 months ago

Changelog

v0.15.0 (2021-07-14)

Full Changelog

Implemented enhancements:

  • Add NVD CVSS scores to grype json output for matches on the vendor record #314
  • Vendor metadata for vulnerability fixes is missing #276

Fixed bugs:

  • cyclonedx reports a score of 0 if CVE has no CVSS #366
  • cyclonedx doesn't report severity if feed has no CVSS #364
  • Pipelines allow unclean go.sum files that block our release pipeline #358
  • Panic during directory scan #353
  • CycloneDX Document struct returns empty Components list when parsing CycloneDX XML output #345
  • Add vendor-provided CVSS scores to vulnerability match records where available #287
  • There should always be links associated with a vulnerability #189
  • Show no value in table output for unknown fixes #350 (luhring)
  • Fix RPM epoch comparison logic #331 (wagoodman)

* This Changelog was automatically generated by github_changelog_generator

Docker images

  • docker pull anchore/grype:latest
  • docker pull anchore/grype:v0.15.0
  • docker pull anchore/grype:v0
  • docker pull anchore/grype:v0.15

Don't miss a new grype release

NewReleases is sending notifications on new releases.