chore(deps): update redis:7.2.11-alpine docker digest from 7.2.11 to v (docker-compose.yml)

[renovate]

This PR contains the following updates:

Package	Update	Change
redis	digest	cd3e4db -> 1a34bdb

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[dryrunsecurity]

This pull request includes a docker-compose change that pins the redis service to version 7.2.11-alpine, which is known to be vulnerable to CVE-2025-49844 (critical, CVSS 9.9) allowing an authenticated user to execute crafted Lua scripts and potentially compromise the instance. Consider upgrading to a patched Redis release or removing the vulnerable pin to mitigate this high-severity issue.

Use of Outdated Component with Known Vulnerabilities in docker-compose.yml

Vulnerability	Use of Outdated Component with Known Vulnerabilities
Description	The redis service in docker-compose.yml is pinned to version 7.2.11-alpine. This version of Redis is affected by CVE-2025-49844, a critical vulnerability (CVSS 9.9). This vulnerability allows an authenticated user to execute a specially crafted Lua script, leading to potential compromise of the Redis instance.

django-DefectDojo/docker-compose.yml

Lines 132 to 135 in 765fd55

	image: redis:7.2.11-alpine@sha256:1a34bdba051ecd8a58ec8a3cc460acef697a1605e918149cc53d920673c1a0a7
	volumes:
	- defectdojo_redis:/data
	volumes:

---

All finding details can be found in the DryRun Security Dashboard.

[mtesauro]

Approved