forked from determined-ai/determined
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.grype.yaml
98 lines (93 loc) · 3.91 KB
/
.grype.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
---
ignore:
# These vulnerabilities are disputed or awaiting analysis by the NumPy, Scikit-learn, or Python communities
- vulnerability: CVE-2020-13092
- vulnerability: CVE-2021-41495
- vulnerability: CVE-2021-41496
- vulnerability: CVE-2015-20107
# These vulnerabilities pertain to the Docker engine (or proprietary distributions), but only the Python client is included in the images
- vulnerability: CVE-2017-7297
- vulnerability: CVE-2019-13139
- vulnerability: CVE-2019-13509
- vulnerability: CVE-2019-16884
- vulnerability: CVE-2019-5736
# This vulnerability is fixed in JupyterLab 3.2.0, but was still flagged after we moved to that version
- vulnerability: CVE-2021-32797
# These vulnerabilities are fixed in newer versions of TensorFlow, but not in 1.15 which is out of maintenance and no longer our default
- vulnerability: GHSA-2r8p-fg3c-wcj4
- vulnerability: GHSA-4xfp-4pfp-89wg
- vulnerability: GHSA-5xwc-mrhx-5g3m
- vulnerability: GHSA-6gv8-p3vj-pxvr
- vulnerability: GHSA-6p5r-g9mq-ggh2
- vulnerability: GHSA-7fvx-3jfc-2cpc
- vulnerability: GHSA-8pmx-p244-g88h
- vulnerability: GHSA-9c8h-vvrj-w2p8
- vulnerability: GHSA-c5x2-p679-95wc
- vulnerability: GHSA-c9qf-r67m-p7cg
- vulnerability: GHSA-cgfm-62j4-v4rf
- vulnerability: GHSA-cwv3-863g-39vx
- vulnerability: GHSA-f5cx-5wr3-5qrc
- vulnerability: GHSA-f8h4-7rgh-q2gm
- vulnerability: GHSA-fcwc-p4fc-c5cc
- vulnerability: GHSA-g25h-jr74-qp5j
- vulnerability: GHSA-g8wg-cjwc-xhhp
- vulnerability: GHSA-gh6x-4whr-2qv4
- vulnerability: GHSA-h4pc-gx2w-f2xv
- vulnerability: GHSA-hpv4-7p9c-mvfr
- vulnerability: GHSA-hwr7-8gxx-fj5p
- vulnerability: GHSA-jf7h-7m85-w2v2
- vulnerability: GHSA-m7fm-4jfh-jrg6
- vulnerability: GHSA-q3g3-h9r4-prrc
- vulnerability: GHSA-qr82-2c78-4m8h
- vulnerability: GHSA-r4c4-5fpq-56wg
- vulnerability: GHSA-r6jx-9g48-2r5r
- vulnerability: GHSA-v768-w7m9-2vmm
- vulnerability: GHSA-v82p-hv3v-p6qp
- vulnerability: GHSA-w4xf-2pqw-5mq7
- vulnerability: GHSA-w74j-v8xh-3w5h
- vulnerability: GHSA-wp77-4gmm-7cq8
- vulnerability: GHSA-374m-jm66-3vj8
- vulnerability: GHSA-3rcw-9p9x-582v
- vulnerability: GHSA-49rx-x2rw-pc6f
- vulnerability: GHSA-4f99-p9c2-3j8x
- vulnerability: GHSA-57wx-m983-2f88
- vulnerability: GHSA-7pxj-m4jf-r6h2
- vulnerability: GHSA-cqv6-3phm-hcwx
- vulnerability: GHSA-f54p-f6jp-4rhr
- vulnerability: GHSA-fr77-rrx3-cp7g
- vulnerability: GHSA-j86v-p27c-73fm
- vulnerability: GHSA-m342-ff57-4jcc
- vulnerability: GHSA-pgcq-h79j-2f69
- vulnerability: GHSA-rg3m-hqc5-344v
- vulnerability: GHSA-vwhq-49r4-gj9v
# These vulnerabilities are fixed in newer versions of TensorFlow, but not in 2.4 which is out of maintenance and no longer our default
- vulnerability: GHSA-8jj7-5vxc-pg2q
- vulnerability: GHSA-98p5-x8x4-c9m5
- vulnerability: GHSA-9c78-vcq7-7vxq
- vulnerability: GHSA-9gwq-6cwj-47h3
- vulnerability: GHSA-c6fh-56w7-fvjw
- vulnerability: GHSA-h6gw-r52c-724r
- vulnerability: GHSA-pfjj-m3jj-9jc9
- vulnerability: GHSA-q85f-69q7-55h2
- vulnerability: GHSA-qx3f-p745-w4hr
- vulnerability: GHSA-vjg4-v33c-ggc4
- vulnerability: GHSA-wc4g-r73w-x8mm
- vulnerability: GHSA-23hm-7w47-xw72
- vulnerability: GHSA-247x-2f9f-5wp7
- vulnerability: GHSA-24x4-6qmh-88qg
- vulnerability: GHSA-43q8-3fv7-pr5x
- vulnerability: GHSA-44qp-9wwf-734r
- vulnerability: GHSA-4hvf-hxvg-f67v
- vulnerability: GHSA-5qw5-89mw-wcg2
- vulnerability: GHSA-6gmv-pjp9-p8w8
- vulnerability: GHSA-77gp-3h4r-6428
# These vulnerabilities are found in ROCm-specific tools and will not be addressed at this time
- vulnerability: GHSA-47wv-vhj2-g66m
- vulnerability: GHSA-8c5j-9r9f-c6w8
- vulnerability: GHSA-53qw-q765-4fww
- vulnerability: GHSA-v6rh-hp5x-86rv
- vulnerability: GHSA-8vj2-vxx3-667w
- vulnerability: GHSA-9j59-75qj-795w
- vulnerability: GHSA-pw3c-h7wp-cvhx
- vulnerability: GHSA-p5w8-wqhj-9hhf
- vulnerability: GHSA-p737-p57g-4cpr