Address CVEs for TF 2.18 (#5360)

Author: sallyseok

tensorflow/training/buildspec-2-18-sm.yml

@@ -5,6 +5,7 @@ framework: &FRAMEWORK tensorflow
 version: &VERSION 2.18.0
 short_version: &SHORT_VERSION "2.18"
 arch_type: x86
+# These images need autopatch turned off
 # autopatch_build: "True"
 
 repository_info:

tensorflow/training/docker/2.18/py3/Dockerfile.sagemaker.cpu.os_scan_allowlist.json

@@ -3459,5 +3459,36 @@
       "title": "CVE-2025-7783 - form-data",
       "reason_to_ignore": "N/A"
     }
+  ],
+  "fast-redact": [
+    {
+      "description": "fast-redact is a package that provides do very fast object redaction. A Prototype Pollution vulnerability in the nestedRestore function of fast-redact version 3.5.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service (DoS) as the minimum consequence. NOTE: the Supplier disputes this because the reporter only demonstrated access to properties by an internal utility function, and there is no means for achieving prototype pollution via the public API.",
+      "vulnerability_id": "CVE-2025-57319",
+      "name": "CVE-2025-57319",
+      "package_name": "fast-redact",
+      "package_details": {
+        "file_path": "/usr/local/lib/python3.10/site-packages/jupyterlab/staging/yarn.lock",
+        "name": "fast-redact",
+        "package_manager": "NODE",
+        "version": "3.5.0",
+        "release": null
+      },
+      "remediation": {
+        "recommendation": {
+          "text": "None Provided"
+        }
+      },
+      "cvss_v3_score": 7.5,
+      "cvss_v30_score": 0,
+      "cvss_v31_score": 7.5,
+      "cvss_v2_score": 0,
+      "cvss_v3_severity": "HIGH",
+      "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57319",
+      "source": "NVD",
+      "severity": "HIGH",
+      "status": "ACTIVE",
+      "title": "CVE-2025-57319 - fast-redact",
+      "reason_to_ignore": "N/A"
+    }
   ]
 }

tensorflow/training/docker/2.18/py3/cu125/Dockerfile.ec2.gpu.os_scan_allowlist.json

@@ -2518,5 +2518,36 @@
       "title": "CVE-2025-4565 - protobuf",
       "reason_to_ignore": "protobuf upgrade is not possible at the moment - this version has dependency with tensorflow metadata "
     }
+  ],
+  "fast-redact": [
+    {
+      "description": "fast-redact is a package that provides do very fast object redaction. A Prototype Pollution vulnerability in the nestedRestore function of fast-redact version 3.5.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service (DoS) as the minimum consequence. NOTE: the Supplier disputes this because the reporter only demonstrated access to properties by an internal utility function, and there is no means for achieving prototype pollution via the public API.",
+      "vulnerability_id": "CVE-2025-57319",
+      "name": "CVE-2025-57319",
+      "package_name": "fast-redact",
+      "package_details": {
+        "file_path": "/usr/local/lib/python3.10/site-packages/jupyterlab/staging/yarn.lock",
+        "name": "fast-redact",
+        "package_manager": "NODE",
+        "version": "3.5.0",
+        "release": null
+      },
+      "remediation": {
+        "recommendation": {
+          "text": "None Provided"
+        }
+      },
+      "cvss_v3_score": 7.5,
+      "cvss_v30_score": 0,
+      "cvss_v31_score": 7.5,
+      "cvss_v2_score": 0,
+      "cvss_v3_severity": "HIGH",
+      "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57319",
+      "source": "NVD",
+      "severity": "HIGH",
+      "status": "ACTIVE",
+      "title": "CVE-2025-57319 - fast-redact",
+      "reason_to_ignore": "N/A"
+    }
   ]
 }