The logs showed 4 vulnerabilities, but the final report only had 2. #1360
Description
What happened:
The logs showed 4 vulnerabilities, but the final report only had 2.
What you expected to happen:
report all 4 vulnerabilities
How to reproduce it (as minimally and precisely as possible):
Anything else we need to know?:
> grype sbom:./sbom.json
✔ Vulnerability DB [no update available]
✔ Scanning image... [4 vulnerabilities]
├── 0 critical, 3 high, 1 medium, 0 low, 0 negligible
└── 0 fixed
NAME INSTALLED FIXED-IN TYPE VULNERABILITY SEVERITY
busybox 1.35.0 CVE-2022-28391 High
busybox 1.35.0 CVE-2022-30065 High
Environment:
- Output of
grype version:0.63.0 - OS (e.g:
cat /etc/os-releaseor similar): macOS 13.4