Open
Description
Is your feature request related to a problem? Please describe.
Yes. It would be helpful for users of zot to have built-in or integrated vulnerability scanning based on OSV.dev (Open Source Vulnerabilities), which provides a universal format for vulnerability data across open source ecosystems.
Describe the solution you'd like
Integrate osv-scanner or implement support for querying the OSV database.
Scan images and artifacts for known vulnerabilities based on their dependencies.
Display results
Describe alternatives you've considered
External tools can be used, but native support or integration would streamline security checks.
Additional context
OSV is already used widely by ecosystems like Go, Python, and Rust.
A plugin or scan endpoint would be ideal.