docs: expand SECURITY guidance for dealing with CVEs

[MikeMcC399]

Description

Added more explicit information about CVEs in Node.js to the SECURITY.md document

Motivation and Context

There have been multiple requests lately for resolving CVEs from npm. The answer is always the same, that this repo cannot resolve the vulnerability, and the user needs to wait for Node.js releases.

Types of changes

• Documentation
• Version change (Update, remove or add more Node.js versions)
• Variant change (Update, remove or add more variants, or versions of variants)
• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)
• Other (none of the above)

Checklist

• My code follows the code style of this project.
• My change requires a change to the documentation.
• I have updated the documentation accordingly.
• I have read the CONTRIBUTING.md document.
• All new and existing tests passed.

[MikeMcC399]

Preview

https://github.com/MikeMcC399/docker-node/blob/update-security-information/SECURITY.md