Use security_findings for security MR widget report comparison
## Background context
We had an [epic](https://gitlab.com/groups/gitlab-org/-/epics/8341) to move from using report artifices for vulnerability finding comparisons. That epic is complete, and the pertinent information is now available in the `finding_data` `jsonb` column on the [security_findings table](https://gitlab.com/gitlab-org/gitlab/-/blob/ef9cee18a0a4c75a0e3c691297b8d964315829cd/db/structure.sql#L1218)
## This issue
The [security MR widget](https://docs.gitlab.com/ee/user/application_security/#merge-request) is one feature that relied on the original technique of using report artifacts for comparisons. As such, it can now be migrated to using the new `finding_data` column.
The way this widget currently works is:
1. Builds a [`Ci::CompareSecurityReportsService`](https://gitlab.com/gitlab-org/gitlab/-/blob/f383c9300012a873ac1db94b69c02d7280da4fda/ee/app/services/ci/compare_security_reports_service.rb#L18) comparer service to compare a report generated from the MR's latest pipeline to the report generated from the default branch
1. This service uses [`Security::PipelineVulnerabilitiesFinder`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/app/finders/security/pipeline_vulnerabilities_finder.rb) to build the reports for comparison (it is named a finder, but returns `Security::AggregatedReport` objects)
1. This finder [finds all the findings via report artifacts](https://gitlab.com/gitlab-org/gitlab/-/blob/ef9cee18a0a4c75a0e3c691297b8d964315829cd/ee/app/finders/security/pipeline_vulnerabilities_finder.rb#L31-43) (the logic we want to migrate away from)
1. Then sorts these findings [by `severity`](https://gitlab.com/gitlab-org/gitlab/-/blob/ef9cee18a0a4c75a0e3c691297b8d964315829cd/ee/app/finders/security/pipeline_vulnerabilities_finder.rb#L58)
1. Then uses these findings [to return](https://gitlab.com/gitlab-org/gitlab/-/blob/ef9cee18a0a4c75a0e3c691297b8d964315829cd/ee/app/finders/security/pipeline_vulnerabilities_finder.rb#L45) a [`Security::AggregatedReport`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/reports/security/aggregated_report.rb)
## Implementation Plan
- [x] gitlab-org/gitlab#457851+s
- [x] We can use [`Security::FindingsFinder`](https://gitlab.com/gitlab-org/gitlab/-/blob/f383c9300012a873ac1db94b69c02d7280da4fda/ee/app/finders/security/findings_finder.rb#L35) to fetch the findings from the new database table
1. This finder returns the findings, not a `Security::AggregatedReport`
1. The value from this finder is paginated and scoped to 20 by default, we will need all the results to match the current behavior
1. ~the existing behavior is scoped to `all`, which includes `dismissed` findings~ not an issue as `Security::FindingsFinder` also can take a `scope: 'all'` option
- [ ] Verify the [Vulnerability creation from Security Reports](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/development/sec/security_report_ingestion_overview.md#vulnerability-creation-from-security-reports) docs are still accurate
## Testing
- [ ] Make sure `e2e:package-and-test` is run in the MR and review results.
## Verification steps
tbd
issue