Conversation

@tricky42
Contributor

@tricky42 tricky42 commented Nov 9, 2024

This pull request includes several updates to the .github/workflows/cve-scan.yaml file to enhance the security scanning process and update dependencies.

Workflow Enhancements:

  • Added workflow_dispatch to allow manual triggering of the workflow.
  • Added permissions to specify read access to contents and write access to security events.

Dependency Updates:

  • Updated actions/checkout from v3 to v4.
  • Updated docker/setup-qemu-action from v2 to v3.
  • Updated docker/setup-buildx-action from v2 to v3.
  • Updated anchore/scan-action from v3 to v5.
  • Updated github/codeql-action/upload-sarif from v2 to v3.
  • Updated erzz/dockle-action from v1.3.2 to v1.

Configuration Changes:

  • Added steps to login to GitHub Container Registry and configure Trivy for enhanced security scanning.
  • Unified the image name definition to use IMAGE_NAME environment variable across all steps.
  • Added environment variables to Trivy configuration to skip Java DB updates and disable VEX notices.
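As an added illustration of the settings listed above (this is example workflow YAML written for this page, not the `.github/workflows/cve-scan.yaml` from the pull request), the following job wires together manual dispatch, the least-privilege token permissions, a single `IMAGE_NAME` definition, a GHCR login, and the two Trivy environment variables. The image name, the use of `docker/build-push-action` to build the image locally, the `aquasecurity/trivy-action` pin, and the `packages: read` permission are assumptions not stated in the PR description.

```yaml
# Added example, not the project's workflow file. Names, versions and the
# Trivy action used are assumptions; see comments.
name: cve-scan

on:
  push:
    branches: [master]
  schedule:
    - cron: "0 6 * * *"       # daily rescan so new CVEs surface without a push
  workflow_dispatch:          # allow manual triggering, as the PR adds

permissions:
  contents: read              # actions/checkout only needs read access
  security-events: write      # required by codeql-action/upload-sarif
  packages: read              # assumption: only needed if a private GHCR image is pulled with GITHUB_TOKEN

env:
  # One definition reused by every step; value is an assumption.
  IMAGE_NAME: ghcr.io/${{ github.repository }}
  # Trivy reads any CLI flag as TRIVY_<FLAG> from the environment.
  TRIVY_SKIP_JAVA_DB_UPDATE: "true"   # skip the Java index DB download on each run
  TRIVY_DISABLE_VEX_NOTICE: "true"    # silence the VEX availability notice

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: docker/setup-qemu-action@v3
      - uses: docker/setup-buildx-action@v3

      - name: Log in to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      # Assumption: the image is built in the job and loaded into the local
      # daemon for scanning rather than pushed.
      - name: Build image for scanning
        uses: docker/build-push-action@v6
        with:
          context: .
          load: true
          push: false
          tags: ${{ env.IMAGE_NAME }}:${{ github.sha }}

      # Assumption: aquasecurity/trivy-action; pin by tag (or better, by commit SHA).
      - name: Scan image with Trivy
        uses: aquasecurity/trivy-action@0.28.0
        with:
          image-ref: ${{ env.IMAGE_NAME }}:${{ github.sha }}
          format: sarif
          output: trivy-results.sarif
          severity: CRITICAL,HIGH
          ignore-unfixed: true
          exit-code: "0"      # report only; set to "1" to fail the job on findings

      - name: Upload Trivy results to code scanning
        uses: github/codeql-action/upload-sarif@v3
        if: always()          # upload even when the scan step sets a non-zero exit code
        with:
          sarif_file: trivy-results.sarif
          category: trivy
```

Two practical checks before syncing a workflow like this across repositories: confirm that `security-events: write` is granted, since `upload-sarif@v3` fails without it, and keep the Trivy action pinned to a specific release rather than a moving branch so a scanner update cannot silently change what the job runs.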

@tricky42
Contributor Author

tricky42 commented Nov 9, 2024

If there are no inconsistencies (like in the Hydra image tag case), this script version should work in all open-source repos for our services (Kratos, Oathkeeper, Keto, Hydra). I will check this; then, we could place it in ory/meta and sync it, or?

@aeneasr
Member

aeneasr commented Nov 11, 2024

> I will check this; then, we could place it in ory/meta and sync it, or?

absolutely
