Rename Issue struct type to Vulnerability

The common library shared by the analyzers of SAST and Dependency Scanning (DS) defines Issue, a Go struct type that represents a vulnerability and that should be used to generate JSON reports. This is confusing since the word "issue" has a different meaning in the context of GitLab. We should probably rename the struct type to Vulnerability, especially since customers are starting to look at this file to evaluate integrations with their existing tools.

Also, we could rename issue.Ref at the same time. See gitlab-org/security-products/analyzers/common!79 (comment 305813782)