This feature adds VEX file uploading to the sbom scanner. This allows one to store Vulnerability information (e.g. suppressions) in a GIT repository and upload them when scanning an SBOM. This is especially useful when you want to keep track vulnerabilities in multiple versions of the same project in Dependency Track. By keeping the VEX file in git, you do not have to manually apply the same suppressions to all project versions.

Signed-off-by: Stein Welberg <mail@steinwelberg.nl>