Do not report a package as vulnerable when the version is fixing a vulnerability

On a requirements.txt file with:
```
cryptography==38.0.3
```
Run `inspect_manifest` then `find_vulnerabilities`
This package is reported as vulnerable incorrectly.


Same with:
```
django==3.2.16
```

In both cases, these are fixing vulns and these versions are not vulnerable.