improved pom analysis

Former-commit-id: 8da3f802dbf2c3d8cd63d07a1a0a5d984074f007

src/main/java/org/owasp/dependencycheck/analyzer/JarAnalyzer.java

@@ -294,6 +294,7 @@ public class JarAnalyzer extends AbstractAnalyzer implements Analyzer {
             if (artifactid != null) {
                 foundSomething = true;
                 dependency.getProductEvidence().addEvidence("pom", "artifactid", artifactid, Evidence.Confidence.HIGH);
+                dependency.getVendorEvidence().addEvidence("pom", "artifactid", artifactid, Evidence.Confidence.LOW);
             }
             //version
             final String version = interpolateString(pom.getVersion(), pomProperties);
@@ -313,6 +314,7 @@ public class JarAnalyzer extends AbstractAnalyzer implements Analyzer {
             if (pomName != null) {
                 foundSomething = true;
                 dependency.getProductEvidence().addEvidence("pom", "name", pomName, Evidence.Confidence.HIGH);
+                dependency.getVendorEvidence().addEvidence("pom", "name", pomName, Evidence.Confidence.HIGH);
             }
 
             //Description