Open sandeshan opened 1 year ago
Hi @sandeshan, thanks for bringing this up. We do run the scanning for the Triton image. I think since `Pillow` is not installed, we are not seeing any vulnerabilities reported. I was wondering if using filters to rule out that particular file would work for your case.
@krishung5 The filters in the ECR scanning config refer to which repositories or image files we want to include in our automated scanning, and not the files within the image itself.
I also tried updating the base image and installing the latest version of `Pillow`, which is `10.0.0`, but inspector still flags that requirements.txt file in the updated image. It seems like a bug in the AWS inspector, so I'll provide them with more details.
For the Triton image itself, I assume it is still a risk for users who don't explicitly install the latest version of `Pillow`, and this file might force install the older version. Can this be mitigated by updating that library so that it doesn't refer to the old version?
Description
Hi team,
For use with our ECS containers, we pull the base Triton server image from the official Nvidia repo and then re-tag and upload to our private AWS ECR repository, without making any modifications.
We recently enabled enhanced scanning on our ECR repo, after which we were notified of a couple of security vulnerabilities that were tagged as CRITICAL severity.
Both the vulnerabilities refer to the usage of the package Pillow and recommend that we avoid usage of versions before 9.x.
When I run `pip list | grep Pillow` inside the Triton container, I see that Pillow is not installed in the base image, but ECR finds the older version of Pillow referenced in `/opt/hpcx/clusterkit/bin/output/requirements.txt`. Even if I update the image to install the latest version of Pillow, ECR still flags this file.
Looks like HPC-X and ClusterKit come as part of the base image, and are not something we have control over. Please investigate if ClusterKit or its dependencies need to be updated to avoid this. I will also check with AWS support to get more details and next steps, but wanted to share this here in case it can be changed by the Triton team.
Triton Information
What version of Triton are you using? => 23.07
Are you using the Triton container or did you build it yourself? => Image obtained from Nvidia official repo (23.07-py3)
To Reproduce
Expected behavior
Security scan of the base images should not result in any Critical security findings.
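A triage helper for the situation described in this issue, added here as an example (it is not code from the issue, Triton, or AWS): it walks an unpacked image filesystem for `requirements*.txt` pins of a package below a version floor and separates pins that exist only in a manifest from pins that match what is actually installed. The `9.0.0` floor and the `Pillow==8.0.0` pin in the sample tree are constructed assumptions; the issue does not state the pinned version.

```python
import re
import tempfile
from importlib import metadata
from pathlib import Path

PIN = re.compile(r"^\s*([A-Za-z0-9._-]+)\s*==\s*([0-9][0-9A-Za-z.]*)")

def _norm(name):
    # PEP 503 name normalisation, so "Pillow" and "pillow" compare equal
    return re.sub(r"[-_.]+", "-", name).lower()

def _vt(version):
    # Numeric release components only; sufficient for plain X.Y.Z pins
    return tuple(int(p) for p in re.findall(r"\d+", version))

def installed_version(package):
    """Version pip reports for this interpreter, or None if not installed."""
    try:
        return metadata.version(package)
    except metadata.PackageNotFoundError:
        return None

def triage(root, package, floor, installed=None):
    """Classify each requirements*.txt pin of `package` that is below `floor`."""
    findings = []
    for path in sorted(Path(root).rglob("requirements*.txt")):
        for line in path.read_text(errors="replace").splitlines():
            m = PIN.match(line)
            if not m or _norm(m.group(1)) != _norm(package):
                continue
            if _vt(m.group(2)) >= _vt(floor):
                continue
            # The old version is only present at runtime if it is what is installed.
            live = installed is not None and _vt(installed) < _vt(floor)
            findings.append({"file": str(path.relative_to(root)), "pinned": m.group(2),
                             "verdict": "installed-vulnerable" if live else "manifest-only"})
    return findings

def demo(installed=None):
    # Constructed sample tree: the path shape follows the issue, the pin value is made up.
    with tempfile.TemporaryDirectory() as root:
        req = Path(root, "opt/hpcx/clusterkit/bin/output/requirements.txt")
        req.parent.mkdir(parents=True)
        req.write_text("numpy==1.21.0\nPillow==8.0.0  # constructed pin\n")
        return triage(root, "Pillow", "9.0.0", installed=installed)

if __name__ == "__main__":
    print(demo(installed=installed_version("Pillow")))
```

A `manifest-only` result matches what the reporter saw with `pip list`; it still deserves tracking, because anything that later installs from that file would pull in the pinned version.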