vulnrichment
CVE-2023-25399 Incorrect Version Entry
CVE-2023-25399 reportedly affects SciPy before 1.10.0. The versions array didn't properly express this. Using "lessThan":"1.10.0" (which CISA already had) with "version":"0", I believe, is the preferred way to describe the affected versions. Using "version":"1.10.0*" is not the appropriate way to express this, and I don't think it even describes a meaningful version range. I also mentioned this form of version* in https://github.com/cisagov/vulnrichment/pull/19 so this might be a wider problem that needs an issue created.
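As an added illustration (not code from the issue author or from the vulnrichment project), the following Python builds the two CVE JSON 5 versions-array entries the issue contrasts and shows why only the "version":"0" plus "lessThan":"1.10.0" form can be evaluated as a range. The "status" and "versionType" keys are standard CVE JSON 5 versions-array fields; the "semver" versionType value and the sample version strings are assumptions for the example, and the semver parser is a deliberately minimal one that only handles plain MAJOR.MINOR.PATCH strings.

```python
import json

# Constructed example entry in the form the issue recommends: affected from
# version "0" (the beginning) up to, but not including, 1.10.0.
PREFERRED_ENTRY = {
    "version": "0",
    "lessThan": "1.10.0",
    "status": "affected",
    "versionType": "semver",  # assumed; the issue does not state a versionType
}

# Constructed example of the form the issue objects to: a wildcard suffix on a
# single "version" string and no range bound.
QUESTIONED_ENTRY = {
    "version": "1.10.0*",
    "status": "affected",
}


def parse_semver(text):
    """Parse a plain MAJOR.MINOR.PATCH string into a comparable tuple.

    Raises ValueError for anything else, including wildcard suffixes such
    as "1.10.0*", which have no numeric meaning.
    """
    parts = text.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a plain semver string: {text!r}")
    return tuple(int(p) for p in parts)


def describes_range(entry):
    """True when the entry carries an upper bound, i.e. expresses a range."""
    return "lessThan" in entry or "lessThanOrEqual" in entry


def is_affected(entry, candidate):
    """Decide whether `candidate` falls inside a versions-array entry.

    Single-version entries (no upper bound) match only by exact equality.
    Range entries start at `version` and end at the exclusive `lessThan`
    or inclusive `lessThanOrEqual` bound.
    """
    cand = parse_semver(candidate)
    if not describes_range(entry):
        return parse_semver(entry["version"]) == cand

    # "0" is a conventional start meaning "from the first version".
    start = (0, 0, 0) if entry["version"] == "0" else parse_semver(entry["version"])
    if cand < start:
        return False
    if "lessThan" in entry:
        return cand < parse_semver(entry["lessThan"])
    return cand <= parse_semver(entry["lessThanOrEqual"])


def wildcard_is_parseable(entry):
    """Report whether the entry's `version` can be interpreted at all."""
    try:
        parse_semver(entry["version"])
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    print(json.dumps(PREFERRED_ENTRY, indent=2))
    for v in ("0.19.1", "1.9.3", "1.10.0", "1.11.0"):
        print(v, "affected" if is_affected(PREFERRED_ENTRY, v) else "not affected")
    print("questioned entry describes a range:", describes_range(QUESTIONED_ENTRY))
    print("questioned entry version parseable:", wildcard_is_parseable(QUESTIONED_ENTRY))
```

Running the block shows that every version below 1.10.0 matches the preferred entry while 1.10.0 itself and later do not, whereas the questioned entry has neither an evaluable bound nor a parseable version string, which is the practical reason the "version*" form cannot be consumed by tooling.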