Changelog
v0.15.0 (2021-07-14)
Implemented enhancements:
- Add NVD CVSS scores to grype json output for matches on the vendor record #314
- Vendor metadata for vulnerability fixes is missing #276
Fixed bugs:
- cyclonedx reports a score of 0 if CVE has no CVSS #366
- cyclonedx doesn't report severity if feed has no CVSS #364
- Pipelines allow unclean go.sum files that block our release pipeline #358
- Panic during directory scan #353
- CycloneDX Document struct returns empty Components list when parsing CycloneDX XML output #345
- Add vendor-provided CVSS scores to vulnerability match records where available #287
- There should always be links associated with a vulnerability #189
- Show no value in table output for unknown fixes #350 (luhring)
- Fix RPM epoch comparison logic #331 (wagoodman)
* This Changelog was automatically generated by github_changelog_generator
Docker images
docker pull anchore/grype:latest
docker pull anchore/grype:v0.15.0
docker pull anchore/grype:v0
docker pull anchore/grype:v0.15