Add native NVD v2.0 JSON CVE matching
What does this MR do?
Removes the dependency on archived repo nvd-mirror by implementing native NVD CPE matching against the new v2 JSON repository: nvd-mirror-json-data-v2
What are the relevant issue numbers?
https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/8608+
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Documentation created/updated for GitLab EE, if necessary -
Documentation created/updated for this project, if necessary -
Documentation reviewed by technical writer or follow-up review issue created -
Tests added for this feature/bug -
Job definition updated, if necessary -
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer
Edited by Lucas Charles