Closed
Description
What happened:
I wanted to check whether grype was able to correctly detect CVEs in my running images, so I tried the following:
$ grype traefik:3.1.2
✔ Loaded image traefik:3.1.2
✔ Parsed image sha256:0c02a120479c5db9809725d9bf5b125ffbc79266e4e6dc1e5225bff876880453
✔ Cataloged contents 86e75bc67ff99e9ee7f53102f1ffd34ef0c0742682bfb1069283ed4ee4e91be3
├── ✔ Packages [321 packages]
├── ✔ File digests [574 files]
├── ✔ File metadata [574 locations]
└── ✔ Executables [20 executables]
✔ Scanned for vulnerabilities [4 vulnerability matches]
├── by severity: 0 critical, 2 high, 1 medium, 0 low, 0 negligible (1 unknown)
└── by status: 0 fixed, 4 not-fixed, 0 ignored
NAME                        INSTALLED  FIXED-IN  TYPE       VULNERABILITY        SEVERITY
gopkg.in/square/go-jose.v2  v2.5.1               go-module  GHSA-c5q2-7r4c-mv6g  Medium
stdlib                      go1.22.5             go-module  CVE-2024-34158       High
stdlib                      go1.22.5             go-module  CVE-2024-34156       High
stdlib                      go1.22.5             go-module  CVE-2024-34155       Unknown
But for example, CVE-2024-45410 (9.8) isn't detected.
Next, I downloaded the database used by grype, and the CVE is there.
My first guess was that grype was only analyzing dependencies, but not the software itself, so I ran syft to check the detected SBOM, but traefik was correctly detected:
$ syft traefik:3.1.2
✔ Loaded image traefik:3.1.2
✔ Parsed image sha256:0c02a120479c5db9809725d9bf5b125ffbc79266e4e6dc1e5225bff876880453
✔ Cataloged contents 86e75bc67ff99e9ee7f53102f1ffd34ef0c0742682bfb1069283ed4ee4e91be3
├── ✔ Packages [321 packages]
├── ✔ File digests [574 files]
├── ✔ File metadata [574 locations]
└── ✔ Executables [20 executables]
NAME VERSION TYPE
[...]
github.com/traefik/grpc-web v0.16.0 go-module
github.com/traefik/http-wasm-host-go v0.0.0-20240618100324-3c53dcaa1a70 go-module
github.com/traefik/paerser v0.2.0 go-module
github.com/traefik/traefik/v3 v0.0.0-20240806133403-4c4780f88692 go-module
github.com/traefik/yaegi v0.16.1 go-module
[...]
traefik 3.1.2 binary
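When a CVE that is present in the database is not reported, the next thing to look at is what the SBOM records about the package's identity, since that (type, version, purl, CPEs) is what grype matches on. The helper below is an added example, not code from this issue, syft or grype: it reads a syft JSON SBOM, lists every artifact whose name matches (the `binary` entry and the `go-module` entry for the main module both show up for "traefik"), and flags Go pseudo-versions such as `v0.0.0-20240806133403-4c4780f88692`, which carry a timestamp and commit hash rather than a release number and so cannot be compared against a fixed-version range. The embedded SBOM is constructed for illustration; its purl and CPE strings are assumptions, and the code accepts `cpes` both as bare strings and as `{"cpe": ..., "source": ...}` objects because syft has used both layouts in its JSON output.

```python
"""Triage helper: show what a syft JSON SBOM says about a package's identity.

Added example; not part of the issue, syft or grype. The SBOM below is
constructed for illustration (purl/CPE values are assumptions).
"""
import json
import re
from typing import Any

# Constructed sample in syft's JSON layout (top-level "artifacts" list).
SAMPLE_SBOM = json.dumps({
    "artifacts": [
        {"name": "github.com/traefik/traefik/v3",
         "version": "v0.0.0-20240806133403-4c4780f88692",
         "type": "go-module",
         "purl": "pkg:golang/github.com/traefik/traefik/v3@v0.0.0-20240806133403-4c4780f88692",
         "cpes": []},
        {"name": "traefik", "version": "3.1.2", "type": "binary",
         "purl": "pkg:generic/traefik@3.1.2",  # assumed value
         "cpes": [{"cpe": "cpe:2.3:a:traefik:traefik:3.1.2:*:*:*:*:*:*:*",
                   "source": "syft-generated"}]},
        {"name": "stdlib", "version": "go1.22.5", "type": "go-module",
         "purl": "pkg:golang/stdlib@go1.22.5",
         "cpes": ["cpe:2.3:a:golang:go:1.22.5:-:*:*:*:*:*:*"]},  # assumed value
    ]
})

# Go pseudo-versions: vX.Y.Z-[pre.]0.yyyymmddhhmmss-abcdefabcdef or
# v0.0.0-yyyymmddhhmmss-abcdefabcdef. They name a commit, not a release.
PSEUDO_VERSION_RE = re.compile(r"^v\d+\.\d+\.\d+-(?:[\w.]*\.)?\d{14}-[0-9a-f]{12}$")


def load_artifacts(sbom_json: str) -> list[dict[str, Any]]:
    """Return the artifact list from a syft JSON document (empty if absent)."""
    return json.loads(sbom_json).get("artifacts", [])


def normalize_cpes(cpes: Any) -> list[str]:
    """Accept both the bare-string and the {"cpe": ...} object form of cpes."""
    out: list[str] = []
    for entry in cpes or []:
        if isinstance(entry, str):
            out.append(entry)
        elif isinstance(entry, dict) and "cpe" in entry:
            out.append(entry["cpe"])
    return out


def is_go_pseudo_version(version: str) -> bool:
    """True for Go pseudo-versions, which cannot be range-compared to releases."""
    return bool(PSEUDO_VERSION_RE.match(version))


def find_package(artifacts: list[dict[str, Any]], name: str) -> list[dict[str, Any]]:
    """Identity summary for every artifact named `name` or with `name` as a path
    segment, so "traefik" finds both the binary and github.com/traefik/traefik/v3."""
    hits = []
    for art in artifacts:
        art_name = art.get("name", "")
        if art_name == name or name in art_name.split("/"):
            version = art.get("version", "")
            hits.append({
                "name": art_name,
                "version": version,
                "type": art.get("type", ""),
                "purl": art.get("purl", ""),
                "cpes": normalize_cpes(art.get("cpes")),
                "pseudo_version": is_go_pseudo_version(version),
            })
    return hits


def identity_report(sbom_json: str, name: str) -> list[dict[str, Any]]:
    """Parse the SBOM and summarize what it records for `name`."""
    return find_package(load_artifacts(sbom_json), name)


if __name__ == "__main__":
    # With a real scan: syft traefik:3.1.2 -o json > sbom.json, then read that file.
    for hit in identity_report(SAMPLE_SBOM, "traefik"):
        note = " (pseudo-version: no release number to range-match)" if hit["pseudo_version"] else ""
        print(f'{hit["type"]:<10} {hit["name"]} {hit["version"]}{note}')
        print(f'    purl: {hit["purl"] or "-"}')
        print(f'    cpes: {", ".join(hit["cpes"]) or "-"}')
```

Run it against a real scan with `syft <image> -o json` and pass the file contents to `identity_report`; the entries it prints are the identity data a vulnerability match has to be made against, so an empty `cpes` list, a pseudo-version, or a purl that does not name the project the advisory is filed under is the first thing to compare with the database record for the missing CVE.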