[bug] Ignore withdrawn vulnerabilities #564

@ruromero

Trustify returns withdrawn vulnerabilities including the withdrawn date. These vulnerabilities should not be included in the report.

      {
        "normative": true,
        "identifier": "CVE-2021-41720",
        "title": null,
        "description": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none",
        "reserved": "2021-09-27T00:00:00Z",
        "published": "2021-09-30T13:12:56Z",
        "modified": "2021-12-01T15:27:31Z",
        "withdrawn": "2021-12-01T15:27:31Z",
        "discovered": null,
        "released": null,
        "cwes": [],
        "status": {
          "affected": [
            {
              "uuid": "urn:uuid:744fd1e3-29b1-49c2-a189-b9df55a7983e",
              "identifier": "GHSA-8p5q-j9m2-g8wr",
              "document_id": "GHSA-8p5q-j9m2-g8wr",
              "issuer": null,
              "published": "2021-12-03T20:37:32Z",
              "modified": "2021-12-02T00:01:18Z",
              "withdrawn": "2021-10-01T22:04:28Z",
              "title": "Withdrawn: Arbitrary code execution in lodash",
              "labels": {
                "type": "osv",
                "file": "unreviewed/2021/12/GHSA-8p5q-j9m2-g8wr/GHSA-8p5q-j9m2-g8wr.json",
                "source": "https://github.com/github/advisory-database",
                "importer": "osv-github"
              },
              "scores": [
                {
                  "type": "3.1",
                  "value": 9.8,
                  "severity": "critical"
                }
              ]
            }
          ]
        }
      },
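
One way a client could drop these entries before building a report, as an added example that is not code from the issue or from Trustify. It assumes a `withdrawn` field holding a parseable timestamp marks a record as withdrawn at both the vulnerability and the advisory level; `is_withdrawn`, `filter_withdrawn`, and the two sample records with placeholder identifiers are hypothetical.

```python
from datetime import datetime, timezone

# Constructed sample. The first record is trimmed from the response above;
# the other two use placeholder identifiers and made-up values.
SAMPLE = [
    {"identifier": "CVE-2021-41720", "withdrawn": "2021-12-01T15:27:31Z",
     "status": {"affected": [
         {"identifier": "GHSA-8p5q-j9m2-g8wr", "withdrawn": "2021-10-01T22:04:28Z"}]}},
    {"identifier": "CVE-0000-0001", "withdrawn": None,
     "status": {"affected": [
         {"identifier": "ADV-LIVE", "withdrawn": None},
         {"identifier": "ADV-WITHDRAWN", "withdrawn": "2022-01-01T00:00:00Z"}]}},
    {"identifier": "CVE-0000-0002", "withdrawn": "n/a",
     "status": {"affected": [{"identifier": "ADV-OTHER", "withdrawn": None}]}},
]


def is_withdrawn(record, now=None):
    """True only if `withdrawn` parses as a timestamp that is not in the future."""
    value = record.get("withdrawn")
    if not isinstance(value, str):
        return False
    try:
        stamp = datetime.fromisoformat(value.replace("Z", "+00:00"))
    except ValueError:
        return False  # unparseable value: keep the finding rather than hide it
    if stamp.tzinfo is None:
        stamp = stamp.replace(tzinfo=timezone.utc)
    return stamp <= (now or datetime.now(timezone.utc))


def filter_withdrawn(vulnerabilities, now=None):
    """Drop withdrawn vulnerabilities and withdrawn advisories (assumed policy)."""
    kept = []
    for vuln in vulnerabilities:
        if is_withdrawn(vuln, now):
            continue
        original = vuln.get("status") or {}
        status = {}
        for name, advisories in original.items():
            live = [a for a in advisories if not is_withdrawn(a, now)]
            if live:
                status[name] = live
        # A vulnerability whose advisories were all withdrawn is dropped too.
        if status or not original:
            kept.append({**vuln, "status": status})
    return kept


if __name__ == "__main__":
    for vuln in filter_withdrawn(SAMPLE):
        print(vuln["identifier"], [a["identifier"] for a in vuln["status"]["affected"]])
```

A malformed `withdrawn` value leaves the record in the report, so bad data cannot silently hide a finding.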

Labels: data quality (The information retrieved is incorrect or inaccurate)
