Don't reuse vulnerability scanners across projects
requested to merge 354082-vulnerability-report-ui-does-not-render-with-only-cluster-image-scanning-vulnerabilities into master
Currently some vulnerability scanner records are shared between projects, because Vulnerabilities::CreateServiceBase does not look up scanners by their project_id. This is not intentional, and poses a permission issue, as project owners no longer have read access to such shared scanners, as they belong to another project.
This causes <code data-sourcepos="3:15-3:27">scanner: null</code> GraphQL responses when querying project vulnerabilities.
Related to #354082
Edited by Dominic Bauer