ScanConfig: add "indirect-cve-whitelist" to scanner YAML configuration

[srmish-jfrog]

Add support for applicability scanning of indirect (transitive) CVEs. This is done by sending a separate list of detected indirect CVEs (indirect-cve-whitelist) to the applicability scanner YAML configuration file.

Also requires an update of "Analyzer Manager" to version 1.6.0

Reference implementation from VSC plugin - https://github.com/jfrog/jfrog-vscode-extension/pull/450