added a new field to keep track of the vulnerable software that caused the match - part of the patch for issue 20

Former-commit-id: a5fa6313b9ecfb2d67ba4da25a2f5e863b184b51

dependency-check-core/src/main/java/org/owasp/dependencycheck/dependency/Vulnerability.java

@@ -393,4 +393,52 @@ public class Vulnerability implements Serializable, Comparable<Vulnerability> {
     public int compareTo(Vulnerability v) {
         return v.getName().compareTo(this.getName());
     }
+
+    /**
+     * The CPE id that caused this vulnerability to be flagged.
+     */
+    private String matchedCPE;
+    /**
+     * Whether or not all previous versions were affected.
+     */
+    private String matchedAllPreviousCPE;
+
+    /**
+     * Sets the CPE that caused this vulnerability to be flagged.
+     *
+     * @param cpeId a CPE identifier
+     * @param previous a flag indicating whether or not all previous versions were affected (any non-null value is
+     * considered true)
+     */
+    public void setMatchedCPE(String cpeId, String previous) {
+        matchedCPE = cpeId;
+        matchedAllPreviousCPE = previous;
+    }
+
+    /**
+     * Get the value of matchedCPE.
+     *
+     * @return the value of matchedCPE
+     */
+    public String getMatchedCPE() {
+        return matchedCPE;
+    }
+
+    /**
+     * Get the value of matchedAllPreviousCPE.
+     *
+     * @return the value of matchedAllPreviousCPE
+     */
+    public String getMatchedAllPreviousCPE() {
+        return matchedAllPreviousCPE;
+    }
+
+    /**
+     * Determines whether or not matchedAllPreviousCPE has been set.
+     *
+     * @return true if matchedAllPreviousCPE is not null; otherwise false
+     */
+    public boolean hasMatchedAllPreviousCPE() {
+        return matchedAllPreviousCPE != null;
+    }
 }