Hi team,
Currently I’m implementing grype to perform the proper security scanning for my containers.
One specific CVE ( CVE-2024-42516) for apache httpd was recently published on Jul 10th and got updated by Jul 15 (the CVSS score was added), the scans I executed during the timeframe of Jul 10th to Jul 14th didnt show me the CVE until I ran scans on Jul 15th when the record was updated.
I did perform a db update every day.
Is this an usual behavior of grype?