Integrate CWE information into gosec reports

What does this MR do?

This MR improves the vulnerability descriptions from the gosec analyser discussed in this issue.

This MR relies on two things

• A recent version of gosec that includes our patch https://github.com/securego/gosec/issues/368. This patch links every gosec rule to its corresponding CWE. The mappings have been double-checked by the gosec authors.
• Our go package cwe-info-go (https://gitlab.com/gitlab-org/security-products/cwe-info-go). This is a go package generated from data contained in cwe-info. It contains relevant CWE data (ID, Title, Description, Solution/Mitigation) which we leverage to show better vulnerability descriptions.

What are the relevant issue numbers?

gitlab-org/gitlab#14940 (comment 215635208)

Does this MR meet the acceptance criteria?

• Changelog entry added
• Documentation created/updated for GitLab EE, if necessary
• Documentation created/updated for this project, if necessary
• Documentation reviewed by technical writer or follow-up review issue created
• Tests added for this feature/bug
• Job definition updated, if necessary
  • Auto-DevOps template
  • Job definition example
  • CI Templates
• Conforms to the code review guidelines
• Conforms to the Go guidelines
• Security reports checked/validated by reviewer