fix: Avoid FPs for Symfony Contracts as framework

Symfony Contracts are being matched as Symphony framework. However,
they are different projects with independent versioning schemes.
For example, CVE-2022-23601 for Symfony is resolved in versions
5.3.15, 5.4.4 and 6.0.4. However, Contracts project's latest version
is v3.5.2.

Author: sigv

core/src/main/resources/dependencycheck-base-suppression.xml

@@ -390,6 +390,13 @@
         <packageUrl regex="true">^pkg:composer/symfony/polyfill-.*$</packageUrl>
         <cpe>cpe:/a:sensiolabs:symfony</cpe>
     </suppress>
+    <suppress base="true">
+        <notes><![CDATA[
+        FP per #7545
+        ]]></notes>
+        <packageUrl regex="true">^pkg:composer/symfony/.*-contracts@.*$</packageUrl>
+        <cpe>cpe:/a:sensiolabs:symfony</cpe>
+    </suppress>
     <suppress base="true">
         <notes><![CDATA[
         FP per #2957