GitHub user PragmaTwice added a comment to the discussion: CVEs in official docker image apache/kvrocks:2.14.0
CVE-2023-45853: firstly, we do NOT use zlib (we use zlib-ng instead). secondly, minizip is NOT a part of zlib. CVE-2025-6020: this is a database program and I don't think we use anything about linux pam. correct me if i'm wrong. I don't think we need any fix. Please be careful about false positives in your scanner. GitHub link: https://github.com/apache/kvrocks/discussions/3364#discussioncomment-15714270 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected]
