Integrate CWE information into gosec reports

This MR applies the same changes as !22 (closed). Just opened up a fresh MR based on a branchname without / so that the tag job does not fail anymore.

Description from !22 (closed):

What does this MR do?

This MR improves the vulnerability descriptions from the gosec analyser discussed in this issue.

This MR relies on two things

• A recent version of gosec that includes our patch https://github.com/securego/gosec/issues/368. This patch links every gosec rule to its corresponding CWE. The mappings have been double-checked by the gosec authors.
• Our go package cwe-info-go (https://gitlab.com/gitlab-org/security-products/cwe-info-go). This is a go package generated from data contained in cwe-info. It contains relevant CWE data (ID, Title, Description, Solution/Mitigation) which we leverage to show better vulnerability descriptions.

What are the relevant issue numbers?

gitlab-org/gitlab#14940 (comment 215635208)

Does this MR meet the acceptance criteria?

• Changelog entry added
• Documentation created/updated for GitLab EE, if necessary
• Documentation created/updated for this project, if necessary
• Documentation reviewed by technical writer or follow-up review issue created
• Tests added for this feature/bug
• Job definition updated, if necessary
  • Auto-DevOps template
  • Job definition example
  • CI Templates
• Conforms to the code review guidelines
• Conforms to the Go guidelines
• Security reports checked/validated by reviewer