Support group filtering for Vulnerabilities API endpoint

Problem to solve

We should allow users to easily retrieve vulnerability occurrences by group from our API.

Intended users

Persona: Software developer

Further details

Proposal

Add route for retrieving vulnerability occurrences by group and supporting :group_id: URL param within Vulnerability API.

Permissions and Security

No changes to permissions

Documentation

No changes to docs

Testing

Add tests to ensure retrieving all project vulnerability occurrences for shared group works as expected.

What does success look like, and how can we measure that?

Users are easily able to retrieve all vulnerability occurrences within a group.

What is the type of buyer?

GitLab Ultimate

Links / references