secscan: implement basescore/cveid (PROJQUAY-6697)

[arborite-rh]

This implements FEDRAMP requirements of providing BaseScores and CVE IDs for a given version of software/vulnerabilities associated with it.

The goal is for this to be a temporary stop-gap solution until these values are available through the Clair API and eventually ACS services.

The design of this PR currently utilizes the existing endpoint and builds the two new fields into the Features object. This shouldn't have any adverse effect on clients. I've manually tested the UI and everything still looks good/loads as expected.

The majority of the changes in this PR come from updating the JSON files for unit-testing, and lots of new line from make black linting.

Example screenshot of the new JSON response for this endpoint:

[codecov]

Codecov Report

Attention: 6 lines in your changes are missing coverage. Please review.

Comparison is base (00d983b) 70.70% compared to head (9e8edef) 70.71%.
Report is 5 commits behind head on master.

Files	Patch %	Lines
data/secscan_model/secscan_v4_model.py	57.14%	4 Missing and 2 partials ⚠️

Additional details and impacted files

@@           Coverage Diff           @@
##           master    #2684   +/-   ##
=======================================
  Coverage   70.70%   70.71%           
=======================================
  Files         435      436    +1     
  Lines       40181    40234   +53     
  Branches     5225     5237   +12     
=======================================
+ Hits        28411    28451   +40     
- Misses      10117    10126    +9     
- Partials     1653     1657    +4     

Flag	Coverage Δ
unit	70.71% <73.91%> (+<0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.