CVE-2021-42377 in busybox and CVE-2005-0602 in unzip

Please follow the Prometheus security policy (also linked from SECURITY.md) when reporting vulnerabilities.

Luckily, in this case a relevance of the quoted CVEs is unlikely as the code is never called. Nevertheless, a routine update of the container base images will happen with the next minor release.