Vulnerability database version/timestamp in VulnerabilityReport

[evandeaubl]

It would be useful if the VulnerabilityReport contained either a version or timestamp of the vulnerability database used to produce the report, partially for debugging whether reports are being kept up to date, and also for cases like airgapped installs where the database is not updated automatically.