Add vuln-type parameter to CS Trivy SBOM scan

What does this MR do?

Pass the vuln-type parameter, based on the "report language-specific findings" option to the Trivy SBOM command in container scanning, to avoid scanning non-OS packages unnecessarily. Resolves Non OS packages are present in the CycloneDX SB... (gitlab-org/gitlab#435390 - closed) • Yasha Rise • 17.1.

What are the relevant issue numbers?

gitlab-org/gitlab#435390 (closed)

Does this MR meet the acceptance criteria?

• Changelog entry added
• Documentation created/updated for GitLab EE, if necessary
• Documentation created/updated for this project, if necessary
• Documentation reviewed by technical writer or follow-up review issue created
• Tests added for this feature/bug
• Job definition updated, if necessary
  • Auto-DevOps template
  • Job definition example
  • CI Templates
• Conforms to the code review guidelines
• Conforms to the Go guidelines
• Security reports checked/validated by reviewer