[gitlab-depscan] depscan doesn't properly parse versions with underscores
The new version of depscan is showing incorrect vulnerabilities on curl and openssl due to the omnibus version manifests having versions like: OpenSSL_1_1_1g
and curl-7_59_0
(These are the git tags for these versions)
From the pipeline here: https://dev.gitlab.org/gitlab/omnibus-gitlab/-/jobs/8395804#L2898 you can see that several vulnerabilities that are not for the recent versions are listed.