I'm using the redis:8.0.3 Docker image and have identified several HIGH and CRITICAL severity vulnerabilities during a security scan. Below are the details:
| Library | Vulnerability | Severity | Installed Version | Title |
|---|---|---|---|---|
| libpam-modules | CVE-2025-6020 | HIGH | 1.5.2-6+deb12u1 | linux-pam: Linux-pam directory Traversal |
| libpam-modules-bin | CVE-2025-6020 | HIGH | | linux-pam: Linux-pam directory Traversal |
| libpam-runtime | CVE-2025-6020 | HIGH | 1.5.2-6+deb12u1 | linux-pam: Linux-pam directory Traversal |
| libpam0g | CVE-2025-6020 | HIGH | 1.5.2-6+deb12u1 | linux-pam: Linux-pam directory Traversal |
| zlib1g | CVE-2023-45853 | CRITICAL | 1:1.2.13.dfsg-1 | zlib: integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6 https://avd.aquasec.com/nvd/cve-2023-45853 |
Could you please advise if there's a fix available or a planned update to address these vulnerabilities in an upcoming version of the Redis image?