我喜欢以匹配的所有出现cweids通过包含在ArrayList A与cweids包含在ArrayList B，这样的每次出现时cweid被处理。由于必须记录和处理每种情况，因此我不能使用Sets，实际上都是从数据库中查询两个ArrayList。请在下面查看我所做的代码片段。循环仅通过ArrayList B一次，如何使迭代完成？

public static void vulnerabilityCorrelator(String imageName, String microserviceName) {

    ScannerDAO.em.getTransaction().begin();

    List<Anchore> imageVulns = new ArrayList<Anchore>();

    Map<String, String> correlatedVulns = new HashMap<String, String>();

    Query appQ = ScannerDAO.em

            .createQuery("SELECT a FROM Alert a WHERE a.microserviceName='" + microserviceName + "'");

    Query imageQ = ScannerDAO.em.createQuery("SELECT i FROM Anchore i  WHERE i.imageName='" + imageName + "'");

    int count = 0;

    imageVulns = imageQ.getResultList();

    List<Alert> appVulns   = appQ.getResultList();

    System.out.println("appVulns.size() " + appVulns.size());

    for (int i = 0; i < appVulns.size(); i++) {

        Alert alert = appVulns.get(i);

        System.out.println(alert);

        String appCweId = alert.getCweid();

        for (Anchore imageV : imageVulns) {

            List<Vulnerability> vulnList = imageV.getVulnerabilities();

            for (Vulnerability vulnerability : vulnList) {

                String imageCweId = vulnerability.getCweid();

                System.out.println(imageCweId);

                String imageCweIdR = null;

                if (imageCweId == null || imageCweId.equals("None")) {

                    System.out.println(vulnerability.getVuln() + " does not have a CWE ID ");

                } else {

                    String splitimageCweId[] = vulnerability.getCweid().split("-");

                    imageCweIdR = splitimageCweId[1];

                }