The Docker images produced by vLLM project have > 100 vulnerabilities
These mostly come from the dependency on a full ubuntu base image. This base image is great because it allows for installation of CUDA and other GPU dependencies. It's difficult to find distroless cuda-ready images. This issue is a request to find/create an image like that (preferably) or to reduce the vulnerabilities some other way, such as uninstalling unused ubuntu utils.
hmellor
commented
3 months ago
The Docker images produced by vLLM project have > 100 vulnerabilities
These mostly come from the dependency on a full ubuntu base image. This base image is great because it allows for installation of CUDA and other GPU dependencies. It's difficult to find distroless cuda-ready images. This issue is a request to find/create an image like that (preferably) or to reduce the vulnerabilities some other way, such as uninstalling unused ubuntu utils.