feat: add fix to prevent unknown vendor overwrite (#3963)

* feat: add fix to prevent unknown vendor overwrite for packages with same version and name

Author: jananir640

cve_bin_tool/output_engine/__init__.py

@@ -945,9 +945,14 @@ def generate_sbom(
                 my_package.set_supplier("Organization", product_data.vendor)
             my_package.set_licensedeclared(license)
             my_package.set_licenseconcluded(license)
-            sbom_packages[(my_package.get_name(), my_package.get_value("version"))] = (
-                my_package.get_package()
-            )
+            if not (
+                (my_package.get_name(), my_package.get_value("version"))
+                in sbom_packages
+                and product_data.vendor == "unknown"
+            ):
+                sbom_packages[
+                    (my_package.get_name(), my_package.get_value("version"))
+                ] = my_package.get_package()
             sbom_relationship.initialise()
             sbom_relationship.set_relationship(
                 root_package, "DEPENDS_ON", product_data.product