Merge branch 'master' into add_nixl

Author: Jyothirmaikottu

tensorflow/training/docker/2.18/py3/Dockerfile.cpu

@@ -271,7 +271,7 @@ RUN $PYTHON -m pip install --no-cache-dir -U \
     plotly \
     seaborn \
     shap \
-    numpy
+    "numpy<2"
 
 RUN $PYTHON -m pip install --no-cache-dir -U \
     "sagemaker<3"

tensorflow/training/docker/2.18/py3/cu125/Dockerfile.ec2.gpu.os_scan_allowlist.json

@@ -2518,36 +2518,5 @@
       "title": "CVE-2025-4565 - protobuf",
       "reason_to_ignore": "protobuf upgrade is not possible at the moment - this version has dependency with tensorflow metadata "
     }
-  ],
-  "fast-redact": [
-    {
-      "description": "fast-redact is a package that provides do very fast object redaction. A Prototype Pollution vulnerability in the nestedRestore function of fast-redact version 3.5.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service (DoS) as the minimum consequence. NOTE: the Supplier disputes this because the reporter only demonstrated access to properties by an internal utility function, and there is no means for achieving prototype pollution via the public API.",
-      "vulnerability_id": "CVE-2025-57319",
-      "name": "CVE-2025-57319",
-      "package_name": "fast-redact",
-      "package_details": {
-        "file_path": "/usr/local/lib/python3.10/site-packages/jupyterlab/staging/yarn.lock",
-        "name": "fast-redact",
-        "package_manager": "NODE",
-        "version": "3.5.0",
-        "release": null
-      },
-      "remediation": {
-        "recommendation": {
-          "text": "None Provided"
-        }
-      },
-      "cvss_v3_score": 7.5,
-      "cvss_v30_score": 0,
-      "cvss_v31_score": 7.5,
-      "cvss_v2_score": 0,
-      "cvss_v3_severity": "HIGH",
-      "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57319",
-      "source": "NVD",
-      "severity": "HIGH",
-      "status": "ACTIVE",
-      "title": "CVE-2025-57319 - fast-redact",
-      "reason_to_ignore": "N/A"
-    }
   ]
 }

tensorflow/training/docker/2.18/py3/cu125/Dockerfile.gpu

@@ -374,7 +374,7 @@ RUN $PYTHON -m pip install --no-cache-dir -U \
     plotly \
     seaborn \
     shap \
-    numpy
+    "numpy<2"
 
 RUN $PYTHON -m pip install --no-cache-dir -U \
     "sagemaker<3"

tensorflow/training/docker/2.18/py3/cu125/Dockerfile.sagemaker.gpu.os_scan_allowlist.json

@@ -3459,5 +3459,36 @@
       "title": "CVE-2025-7783 - form-data",
       "reason_to_ignore": "N/A"
     }
+  ],
+  "fast-redact": [
+    {
+      "description": "fast-redact is a package that provides do very fast object redaction. A Prototype Pollution vulnerability in the nestedRestore function of fast-redact version 3.5.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service (DoS) as the minimum consequence. NOTE: the Supplier disputes this because the reporter only demonstrated access to properties by an internal utility function, and there is no means for achieving prototype pollution via the public API.",
+      "vulnerability_id": "CVE-2025-57319",
+      "name": "CVE-2025-57319",
+      "package_name": "fast-redact",
+      "package_details": {
+        "file_path": "/usr/local/lib/python3.10/site-packages/jupyterlab/staging/yarn.lock",
+        "name": "fast-redact",
+        "package_manager": "NODE",
+        "version": "3.5.0",
+        "release": null
+      },
+      "remediation": {
+        "recommendation": {
+          "text": "None Provided"
+        }
+      },
+      "cvss_v3_score": 7.5,
+      "cvss_v30_score": 0,
+      "cvss_v31_score": 7.5,
+      "cvss_v2_score": 0,
+      "cvss_v3_severity": "HIGH",
+      "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57319",
+      "source": "NVD",
+      "severity": "HIGH",
+      "status": "ACTIVE",
+      "title": "CVE-2025-57319 - fast-redact",
+      "reason_to_ignore": "N/A"
+    }
   ]
 }