Migrate to a new go-cvss library

Nick Ilieskou requested to merge migrate_to_pandatix_go_cvss into master

What does this MR do?

  • Migrates from github.com/spiegel-im-spiegel/go-cvss to github.com/pandatix/go-cvss for CVSS 3.0 and 3.1
  • Migrates from github.com/umisama/go-cvss to github.com/pandatix/go-cvss for CVSS 2.0
  • Differentiates between CVSS3.0 and CVSS3.1 due to the library implementation.
  • Removes the function that was adding parentheses around the CVSS 2.0 since it was specific to github.com/umisama/go-cvss

All tests have passed without any changes.

Why are we migrating to a new library?

The github.com/spiegel-im-spiegel/go-cvss module was no longer actively maintained and it had switched ownership. This, in combination with issues in the implementation such as incorrect CVSS v2 scores, made us switch to github.com/pandatix/go-cvss.

What are the relevant issue numbers?

gitlab-org/gitlab#460894 (closed)

Does this MR meet the acceptance criteria?

Edited by Oscar Tovar
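
An added example, not code from this merge request or from any of the libraries it names: because the migration handles CVSS 2.0, 3.0 and 3.1 separately and drops the parenthesis wrapper, this standard-library Go function classifies a vector string by version, strips legacy parentheses from a v2 vector, and checks the mandatory base metrics before the vector is passed to a version-specific parser. `Classify`, the lookup tables and the sample vectors are assumptions constructed for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// Allowed values for each mandatory base metric (CVSS v2 and v3.x specs).
var v2Base = map[string]string{"AV": "LAN", "AC": "HML", "Au": "MSN", "C": "NPC", "I": "NPC", "A": "NPC"}
var v3Base = map[string]string{"AV": "NALP", "AC": "LH", "PR": "NLH", "UI": "NR", "S": "UC", "C": "HLN", "I": "HLN", "A": "HLN"}

// Classify (hypothetical helper) returns the CVSS version and the vector with
// any legacy parentheses removed. Only base metrics are validated.
func Classify(raw string) (version, vector string, err error) {
	vector = strings.TrimSpace(raw)
	version, allowed := "2.0", v2Base
	switch {
	case strings.HasPrefix(vector, "CVSS:3.0/"):
		version, allowed = "3.0", v3Base
	case strings.HasPrefix(vector, "CVSS:3.1/"):
		version, allowed = "3.1", v3Base
	case strings.HasPrefix(vector, "CVSS:"):
		return "", "", errors.New("unsupported CVSS version prefix")
	case strings.HasPrefix(vector, "(") && strings.HasSuffix(vector, ")"):
		vector = vector[1 : len(vector)-1] // "(AV:N/...)" -> "AV:N/..."
	}
	body := strings.TrimPrefix(vector, "CVSS:"+version+"/")
	seen := map[string]bool{}
	for _, part := range strings.Split(body, "/") {
		k, v, _ := strings.Cut(part, ":")
		if vals, isBase := allowed[k]; !isBase {
			continue // temporal/environmental metrics are not checked here
		} else if len(v) != 1 || !strings.Contains(vals, v) || seen[k] {
			return "", "", fmt.Errorf("invalid or duplicate base metric %q", part)
		}
		seen[k] = true
	}
	if len(seen) != len(allowed) {
		return "", "", errors.New("missing mandatory base metric")
	}
	return version, vector, nil
}

func main() { // constructed sample vectors, not from the merge request
	fmt.Println(Classify("(AV:N/AC:L/Au:N/C:P/I:P/A:P)"))
	fmt.Println(Classify("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"))
}
```
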