Closed
Labels: enhancement (New feature or request)
Description
The CPE (https://nvd.nist.gov/products/cpe) is still often used to identify vulnerabilities in software and is also used by Dependency Track to identify vulnerabilities.
I am currently generating a CycloneDX SBOM file with this library with input from various sources, where the sources sometimes include the CPE value for the component. The SBOM is then imported into DT and other tools to identify vulnerabilities.
Currently I cannot add the CPE to the SBOM using this library, as the CPE is not supported in the component.
A pull request for this feature has already been added.