Conversation

@flobz flobz commented Sep 15, 2025

Description

The NVD explicitly includes the following CPE constraint:
Running on/with
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Dependency-Track does not evaluate CPE platform constraints (like the OS) when matching CVEs with components.
This PR tries to fix this issue by adding the OS to the targetsw CPE field.

Addressed Issue

Additional Details

Checklist

  • I have read and understand the contributing guidelines
  • This PR fixes a defect, and I have provided tests to verify that the fix is effective
  • This PR implements an enhancement, and I have provided tests to verify that it works as intended
  • This PR introduces changes to the database model, and I have added corresponding update logic
  • This PR introduces new or alters existing behavior, and I have updated the documentation accordingly
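The PR description above hinges on how NVD expresses "Running on/with": a configuration whose top-level operator is AND joins an OR node of vulnerable application CPEs with an OR node of non-vulnerable platform CPEs (the Windows entry quoted above). A matcher that looks only at the vulnerable entries treats every build of the product as affected. The following is an added example, written in Python rather than Dependency-Track's Java and not the project's code, that evaluates such a configuration against a component CPE both ways: ignoring the platform node, and honouring it by comparing the platform CPE's product against the component's target_sw attribute, which is the convention the PR proposes. The configuration, the `example`/`agent` product, the version range and all function names are constructed for illustration; the mapping of the platform product onto target_sw is an assumption modelled on the PR text, not NVD's own matching rule.

```python
"""Evaluate an NVD configuration, including "Running on/with" platform
constraints, against a component CPE.  Added example, not Dependency-Track
code.  The NVD data below is a constructed sample in the shape of a
CVE API 2.0 "configurations" entry, simplified to what the matcher needs."""
from fnmatch import fnmatchcase

# Attribute names of a CPE 2.3 formatted string after the "cpe:2.3" prefix.
ATTRS = ("part", "vendor", "product", "version", "update", "edition",
         "language", "sw_edition", "target_sw", "target_hw", "other")


def parse_cpe23(cpe: str) -> dict:
    """Split a CPE 2.3 formatted string into named attributes.
    A colon escaped as '\\:' inside a value is not a separator."""
    fields, cur, i = [], "", 0
    while i < len(cpe):
        if cpe[i] == "\\" and i + 1 < len(cpe):   # keep escape pairs intact
            cur += cpe[i:i + 2]
            i += 2
            continue
        if cpe[i] == ":":
            fields.append(cur)
            cur = ""
        else:
            cur += cpe[i]
        i += 1
    fields.append(cur)
    if len(fields) != 13 or fields[0] != "cpe" or fields[1] != "2.3":
        raise ValueError(f"not a CPE 2.3 formatted string: {cpe}")
    return dict(zip(ATTRS, fields[2:]))


def attr_match(crit: str, comp: str) -> bool:
    """Single-attribute comparison, simplified from NISTIR 7696 name matching:
    '*' is ANY and matches anything, '-' is NA and matches only NA, other
    values compare case-insensitively with '*'/'?' wildcards in the criteria."""
    if crit == "*" or comp == "*":
        return True
    if crit == "-" or comp == "-":
        return crit == comp
    return fnmatchcase(comp.lower(), crit.lower())


def version_key(v: str) -> tuple:
    """Sortable key for dotted versions; numeric parts sort before text parts."""
    return tuple((0, int(p)) if p.isdigit() else (1, p) for p in v.split("."))


def in_range(version: str, entry: dict) -> bool:
    """Apply the versionStart*/versionEnd* keys of an NVD cpeMatch entry.
    An unknown component version ('*' or '-') is treated as possibly in range."""
    if version in ("*", "-"):
        return True
    v = version_key(version)
    if "versionStartIncluding" in entry and v < version_key(entry["versionStartIncluding"]):
        return False
    if "versionStartExcluding" in entry and v <= version_key(entry["versionStartExcluding"]):
        return False
    if "versionEndIncluding" in entry and v > version_key(entry["versionEndIncluding"]):
        return False
    if "versionEndExcluding" in entry and v >= version_key(entry["versionEndExcluding"]):
        return False
    return True


def cpe_match(entry: dict, component: dict) -> bool:
    """A vulnerable=true entry matches when every attribute matches and the
    component version falls inside the entry's range."""
    crit = parse_cpe23(entry["criteria"])
    return (all(attr_match(crit[a], component[a]) for a in ATTRS)
            and in_range(component["version"], entry))


def platform_match(entry: dict, component: dict) -> bool:
    """A vulnerable=false ("Running on/with") entry.  Assumption following the
    PR's idea: the component records its platform in target_sw, so the platform
    CPE's product (e.g. 'windows') is compared against that attribute.  A
    component whose target_sw is '*' carries no platform information and is
    conservatively treated as possibly affected."""
    plat = parse_cpe23(entry["criteria"])
    return attr_match(plat["product"], component["target_sw"])


def node_matches(node: dict, component: dict, honor_platform: bool) -> bool:
    results = []
    for entry in node["cpeMatch"]:
        if entry["vulnerable"]:
            results.append(cpe_match(entry, component))
        elif honor_platform:
            results.append(platform_match(entry, component))
    if not results:          # node held only platform entries and they were ignored
        return True
    out = all(results) if node.get("operator") == "AND" else any(results)
    return not out if node.get("negate") else out


def configuration_matches(config: dict, component: dict, honor_platform: bool = True) -> bool:
    results = [node_matches(n, component, honor_platform) for n in config["nodes"]]
    return all(results) if config.get("operator") == "AND" else any(results)


# Constructed sample: agent versions before 2.4.0 are vulnerable, but only
# when running on Windows.
SAMPLE_CONFIGURATION = {
    "operator": "AND",
    "nodes": [
        {"operator": "OR", "negate": False, "cpeMatch": [
            {"vulnerable": True, "versionEndExcluding": "2.4.0",
             "criteria": "cpe:2.3:a:example:agent:*:*:*:*:*:*:*:*"}]},
        {"operator": "OR", "negate": False, "cpeMatch": [
            {"vulnerable": False,
             "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*"}]},
    ],
}

# Constructed component CPEs; the OS sits in target_sw as the PR proposes.
WINDOWS_BUILD = "cpe:2.3:a:example:agent:2.3.1:*:*:*:*:windows:*:*"
LINUX_BUILD = "cpe:2.3:a:example:agent:2.3.1:*:*:*:*:linux:*:*"
UNKNOWN_PLATFORM = "cpe:2.3:a:example:agent:2.3.1:*:*:*:*:*:*:*"
FIXED_BUILD = "cpe:2.3:a:example:agent:2.4.0:*:*:*:*:windows:*:*"


def is_affected(component_cpe: str, honor_platform: bool = True) -> bool:
    return configuration_matches(SAMPLE_CONFIGURATION, parse_cpe23(component_cpe), honor_platform)


if __name__ == "__main__":
    for name, cpe in [("windows", WINDOWS_BUILD), ("linux", LINUX_BUILD),
                      ("unknown", UNKNOWN_PLATFORM), ("fixed", FIXED_BUILD)]:
        print(f"{name:8} platform ignored={is_affected(cpe, False)!s:5} "
              f"platform honoured={is_affected(cpe, True)}")
```

The Linux build is the case the PR is about: with the platform node ignored it is reported as affected, with the node honoured it is not. A component whose target_sw is still `*` stays flagged either way, so populating that attribute is what makes the constraint useful in practice.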

@owasp-dt-bot commented

🎉 Snyk checks have passed. No issues have been found so far.

security/snyk check is complete. No issues have been found.

@flobz changed the title from "fix: dont ignore Running on info from NVD #5165" to "fix: dont ignore Running on info from NVD" on Sep 15, 2025
@lemmbe lemmbe commented Oct 24, 2025

Just checking in on this PR. I'm very interested in seeing this issue fixed, so please let me know if there's anything I can do to help get it merged.

@nscuro nscuro (Member) commented Oct 24, 2025

@lemmbe With changes like this it always helps when folks test it with actual data, so we get a feeling for the impact.
