Do not report ghost packages as fix for vulnerabilities in APIv2

Signed-off-by: Keshav Priyadarshi <[email protected]>

Author: keshav-space

vulnerabilities/api_v2.py

@@ -198,6 +198,9 @@ def get_affected_by_vulnerabilities(self, obj):
         return [vuln.vulnerability_id for vuln in obj.affected_by_vulnerabilities.all()]
 
     def get_fixing_vulnerabilities(self, obj):
+        # Ghost package should not fix any vulnerability.
+        if obj.is_ghost:
+            return []
         return [vuln.vulnerability_id for vuln in obj.fixing_vulnerabilities.all()]