Expose fields needed by frontend for MR security reports

In support of &1425 (closed), it was discovered that there are several fields that are not being returned with the new implementation of Merge Request Security Reports.

This is being addressed in https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/15531