Filter out polices with no matching violations

[kevin-paladin]

Description

The Rapid7 'medium' severity policy was showing as having failed when it was empty (there were no associated CVE's). This filters empty CVE's out which results in the 'medium' policy as succeeding.

Fixes # (issue if any)

PLG-534

Type of change

• [x ] Bug fix (non-breaking change which fixes an issue)

How Has This Been Tested?

• [ ] added a unit test

Checklist:

• [x ] My code follows the style guidelines of this project
• [x ] My commit message/PR follows the contribution guidelines of this project
• [x ] I have performed a self-review of my code
• [ ] I have commented my code, particularly in hard-to-understand areas
• [ x] I have added tests that prove my fix is effective or that my feature works
• [ x] New and existing unit tests pass locally with my changes

[sonarcloud[bot]]

Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud