Vulnerability identifier shows as link even though it doesn't have a link

Summary

Identifiers in a vulnerability finding are always rendered as a link even when the identifier doesn't have a URL associated with it.

Steps to reproduce

1. Create a vulnerability report with an identifier that doesn't have a link; e.g.:

      "identifiers": [
        {
          "type": "test",
          "name": "1",
          "value": "1"
        }
      ]

2. Run a CI pipeline with a job that imports said report; e.g.:

   container-scanning:
     script:
       - mv fake-report.json gl-container-scanning-report.json
     artifacts:
       reports:
         container_scanning: gl-container-scanning-report.json

3. If the pipeline wasn't on the default branch, merge it so the findings show in the vulnerability report
4. Open the vulnerability

Example Project

https://gitlab.com/thiagocsf-group/security-reports/-/security/vulnerabilities/4893215

What is the current bug behavior?

The identifier will show in the page as a link.

What is the expected correct behavior?

The identifier doesn't have a link.

Relevant logs and/or screenshots

Output of checks

This bug happens on GitLab.com

Possible fixes

In ee/app/assets/javascripts/vulnerabilities/components/details.vue line 285, don't use gl-link when identifier.url is empty/blank

285           <gl-link :href="identifier.url" data-testid="identifier" target="_blank">
286             {{ identifier.name }}
287           </gl-link>

<a data-testid="identifier" rel="noopener noreferrer" target="_blank" class="gl-link">
          1
        </a>

/cc @matt_wilson @andyvolpe @lkerr