Create a helper function to extract versions from the Github_M CNA version description

[jess-lowe]

With the CVE5 to OSV conversion project, we are currently not able to ingest the CVEs from the Github_M CNA despite having most/all of the necessary information, as the version is displayed incorrectly:

"version": ">= 1.32.3, < 1.34.5",

A helper function that could extract the versions into the AffectedVersion format would be immensely helpful.

The above example would give:
Introduced: 1.32.3
Fixed: 1.34.5

if the second part was "<=", it'd be LastAffected: 1.34.5 instead

It can probably go here: https://github.com/google/osv.dev/blob/master/vulnfeeds/git/versions.go

From my notes, this regex might be of use:

^(>=|<=|~|\^|>|<|=)\s*(\d+\.\d+\.\d+)(?:,\s*(>=|<=|~|\^|>|<|=)\s*(\d+\.\d+\.\d+))?$

[dizzydroid]

Raised #3701

Quick note on the regex pattern used in the new ParseVersionRange function: I've modified it a little to be more flexible [0-9a-zA-Z\.\-]+ . The reason is that this pattern correctly handles pre-release tags (e.g., 1.2.3-rc1, 2.0-alpha) and is consistent with how other version parsers operate (like NormalizeVersion's: (?:rc|alpha|beta|preview)).