re-use connection for last call to getVulnerability per #3408

Author: jeremylong

core/src/main/java/org/owasp/dependencycheck/data/nvdcve/CveDB.java

@@ -627,7 +627,7 @@ public List<Vulnerability> getVulnerabilities(Cpe cpe) throws DatabaseException
                 //remember to process the last set of CVE/CPE entries
                 final VulnerableSoftware matchedCPE = getMatchingSoftware(cpe, vulnSoftware);
                 if (matchedCPE != null) {
-                    final Vulnerability v = getVulnerability(currentCVE);
+                    final Vulnerability v = getVulnerability(currentCVE, conn);
                     if (v != null) {
                         v.setMatchedVulnerableSoftware(matchedCPE);
                         v.setSource(Vulnerability.Source.NVD);