Create a provider for Haskell security advisories

[westonsteimel]

What would you like to be added:

Add a provider to pull advisory data from https://github.com/haskell/security-advisories (OSV formatted in https://github.com/haskell/security-advisories/tree/generated/osv-export)

Why is this needed:

I believe there is already a package cataloger in syft, this should allow for more accurate vulnerability matches in grype

Additional context: