Merge branch 'master' into basecu128

Yadan-Wei · web-flow · commit 638c3cff99f1 · 2025-08-18T18:06:00.000-07:00
diff --git a/release_images_general.yml b/release_images_general.yml
@@ -15,6 +15,20 @@ release_images:
       force_release: False
       public_registry: True
   2:
+    framework: "base"
+    version: "12.9.1"
+    arch_type: "x86"
+    customer_type: "ec2"
+    general:
+      device_types: [ "gpu" ]
+      python_versions: [ "py312" ]
+      os_version: "ubuntu22.04"
+      cuda_version: "cu129"
+      example: False
+      disable_sm_tag: False
+      force_release: False
+      public_registry: True
+  3:
     framework: "vllm"
     version: "0.10.0"
     arch_type: "x86"
diff --git a/release_images_inference.yml b/release_images_inference.yml
@@ -235,4 +235,17 @@ release_images:
       cuda_version: "cu126"
       example: False
       disable_sm_tag: True
-      force_release: False
+      force_release: False
+  19:
+    framework: "djl"
+    version: "0.0.0.dev1"
+    arch_type: "x86"
+    inference:
+      device_types: [ "gpu" ]
+      python_versions: [ "py311" ]
+      os_version: "ubuntu22.04"
+      lmi_version: "0.0.0.dev1"
+      cuda_version: "cu128"
+      example: False
+      disable_sm_tag: True
+      force_release: False
diff --git a/tensorflow/training/docker/2.19/py3/Dockerfile.sagemaker.cpu.os_scan_allowlist.json b/tensorflow/training/docker/2.19/py3/Dockerfile.sagemaker.cpu.os_scan_allowlist.json
@@ -129,5 +129,32 @@
       "title": "CVE-2024-37890 - ws, ws",
       "reason_to_ignore": "N/A"
     }
+  ],
+  "keras": [
+    {
+      "description": "A safe mode bypass vulnerability in the `Model.load_model` method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution by convincing a user to load a specially crafted `.keras` model archive.",
+      "vulnerability_id": "CVE-2025-8747",
+      "name": "CVE-2025-8747",
+      "package_name": "keras",
+      "package_details": {
+        "file_path": "/usr/local/lib/python3.12/site-packages/keras-3.10.0.dist-info/METADATA",
+        "name": "keras",
+        "package_manager": "PYTHON",
+        "version": "3.10.0",
+        "release": null
+      },
+      "remediation": { "recommendation": { "text": "None Provided" } },
+      "cvss_v3_score": 7.8,
+      "cvss_v30_score": 0.0,
+      "cvss_v31_score": 7.8,
+      "cvss_v2_score": 0.0,
+      "cvss_v3_severity": "HIGH",
+      "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8747",
+      "source": "NVD",
+      "severity": "HIGH",
+      "status": "ACTIVE",
+      "title": "CVE-2025-8747 - keras",
+      "reason_to_ignore": "N/A"
+    }
   ]
 }
diff --git a/tensorflow/training/docker/2.19/py3/cu125/Dockerfile.sagemaker.gpu.os_scan_allowlist.json b/tensorflow/training/docker/2.19/py3/cu125/Dockerfile.sagemaker.gpu.os_scan_allowlist.json
@@ -129,5 +129,32 @@
       "title": "CVE-2024-37890 - ws, ws",
       "reason_to_ignore": "N/A"
     }
+  ],
+  "keras": [
+    {
+      "description": "A safe mode bypass vulnerability in the `Model.load_model` method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution by convincing a user to load a specially crafted `.keras` model archive.",
+      "vulnerability_id": "CVE-2025-8747",
+      "name": "CVE-2025-8747",
+      "package_name": "keras",
+      "package_details": {
+        "file_path": "/usr/local/lib/python3.12/site-packages/keras-3.10.0.dist-info/METADATA",
+        "name": "keras",
+        "package_manager": "PYTHON",
+        "version": "3.10.0",
+        "release": null
+      },
+      "remediation": { "recommendation": { "text": "None Provided" } },
+      "cvss_v3_score": 7.8,
+      "cvss_v30_score": 0.0,
+      "cvss_v31_score": 7.8,
+      "cvss_v2_score": 0.0,
+      "cvss_v3_severity": "HIGH",
+      "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8747",
+      "source": "NVD",
+      "severity": "HIGH",
+      "status": "ACTIVE",
+      "title": "CVE-2025-8747 - keras",
+      "reason_to_ignore": "N/A"
+    }
   ]
 }
