aws · Atharva-Rajan-Kale · May 27, 2025 · May 27, 2025 · May 27, 2025 · May 28, 2025
@@ -1,7 +1,7 @@
 account_id: &ACCOUNT_ID <set-$ACCOUNT_ID-in-environment>
 region: &REGION <set-$REGION-in-environment>
 framework: &FRAMEWORK autogluon
-version: &VERSION 1.3.0
+version: &VERSION 1.3.1
 short_version: &SHORT_VERSION 1.3
 arch_type: x86
 

@@ -17,9 +17,13 @@ RUN apt-get update \
  && apt-get autoremove -y \
  && apt-get install tesseract-ocr -y \
  && apt-get clean \
+ build-essential \
+ python3-dev \
+ python3-setuptools \
  && rm -rf /var/lib/apt/lists/*
 
-ARG AUTOGLUON_VERSION=1.3.0
+ARG AUTOGLUON_VERSION=1.3.1
+RUN pip install --no-cache-dir -U pip setuptools wheel build
 
 # Upgrading pip and installing/updating Python dependencies
 # Comments are added to explain the reason behind each update

@@ -385,5 +385,129 @@
       "title": "CVE-2024-43598 - lightgbm",
       "reason_to_ignore": "No fix provided"
     }
+  ],
+  "nltk": [
+    {
+      "description": "NLTK through 3.8.1 allows remote code execution if untrusted packages have pickled Python code, and the integrated data package download functionality is used. This affects, for example, averaged_perceptron_tagger and punkt.", 
+      "vulnerability_id": "CVE-2024-39705", 
+      "name": "CVE-2024-39705", 
+      "package_name": "nltk", 
+      "package_details": {
+        "file_path": "/opt/conda/lib/python3.11/site-packages/nltk-3.8.1.dist-info/METADATA", 
+        "name": "nltk", 
+        "package_manager": "PYTHON", 
+        "version": "3.8.1", 
+        "release": null 
+      }, 
+      "remediation": {
+        "recommendation": {
+          "text": "None Provided"
+        }
+      }, 
+      "cvss_v3_score": 9.8, 
+      "cvss_v30_score": 0.0, 
+      "cvss_v31_score": 9.8, 
+      "cvss_v2_score": 0.0, 
+      "cvss_v3_severity": "CRITICAL", 
+      "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39705", 
+      "source": "NVD", 
+      "severity": "CRITICAL", 
+      "status": "ACTIVE", 
+      "title": "CVE-2024-39705 - nltk", 
+      "reason_to_ignore": "N/A"
+    }
+  ],
+  "tornado": [
+    {
+      "description": "Tornado is a Python web framework and asynchronous networking library. When Tornado's ``multipart/form-data`` parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs, constituting a DoS attack. This DoS is compounded by the fact that the logging subsystem is synchronous. All versions of Tornado prior to 6.5.0 are affected. The vulnerable parser is enabled by default. Upgrade to Tornado version 6.50 to receive a patch. As a workaround, risk can be mitigated by blocking `Content-Type: multipart/form-data` in a proxy.", 
+      "vulnerability_id": "CVE-2025-47287", 
+      "name": "CVE-2025-47287", 
+      "package_name": "tornado", 
+      "package_details": {
+        "file_path": "/opt/conda/lib/python3.11/site-packages/tornado-6.4.2.dist-info/METADATA", 
+        "name": "tornado", 
+        "package_manager": "PYTHON", 
+        "version": "6.4.2", 
+        "release": null
+      }, 
+      "remediation": {
+        "recommendation": {
+          "text": "None Provided"
+        }
+      }, 
+      "cvss_v3_score": 7.5, 
+      "cvss_v30_score": 0.0, 
+      "cvss_v31_score": 7.5, 
+      "cvss_v2_score": 0.0, 
+      "cvss_v3_severity": "HIGH", 
+      "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47287", 
+      "source": "NVD", 
+      "severity": "HIGH", 
+      "status": "ACTIVE", 
+      "title": "CVE-2025-47287 - tornado", 
+      "reason_to_ignore": "N/A"
+    }
+  ],
+  "torch": [
+    {
+      "description": "PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural networks built on a tape-based autograd system. In version 2.5.1 and prior, a Remote Command Execution (RCE) vulnerability exists in PyTorch when loading a model using torch.load with weights_only=True. This issue has been patched in version 2.6.0.", 
+      "vulnerability_id": "CVE-2025-32434", 
+      "name": "CVE-2025-32434", 
+      "package_name": "torch", 
+      "package_details": {
+        "file_path": "/opt/conda/lib/python3.11/site-packages/torch-2.5.1+cpu.dist-info/METADATA", 
+        "name": "torch", 
+        "package_manager": "PYTHON", 
+        "version": "2.5.1+cpu", 
+        "release": null
+      }, 
+      "remediation": {
+        "recommendation": {
+          "text": "None Provided"
+        }
+      }, 
+      "cvss_v3_score": 9.8, 
+      "cvss_v30_score": 0.0, 
+      "cvss_v31_score": 9.8, 
+      "cvss_v2_score": 0.0, 
+      "cvss_v3_severity": "CRITICAL", 
+      "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32434", 
+      "source": "NVD", 
+      "severity": "CRITICAL", 
+      "status": "ACTIVE", 
+      "title": "CVE-2025-32434 - torch", 
+      "reason_to_ignore": "N/A"
+    }
+  ], 
+  "transformers": [
+    {
+      "description": "A vulnerability in the `preprocess_string()` function of the `transformers.testing_utils` module in huggingface/transformers version v4.48.3 allows for a Regular Expression Denial of Service (ReDoS) attack. The regular expression used to process code blocks in docstrings contains nested quantifiers, leading to exponential backtracking when processing input with a large number of newline characters. An attacker can exploit this by providing a specially crafted payload, causing high CPU usage and potential application downtime, effectively resulting in a Denial of Service (DoS) scenario.", 
+      "vulnerability_id": "CVE-2025-2099", 
+      "name": "CVE-2025-2099", 
+      "package_name": "transformers", 
+      "package_details": {
+        "file_path": "/opt/conda/lib/python3.11/site-packages/transformers-4.49.0.dist-info/METADATA", 
+        "name": "transformers", 
+        "package_manager": "PYTHON", 
+        "version": "4.49.0", 
+        "release": null
+      }, 
+      "remediation": {
+        "recommendation": {
+          "text": "None Provided"
+        }
+      }, 
+      "cvss_v3_score": 7.5, 
+      "cvss_v30_score": 0.0, 
+      "cvss_v31_score": 7.5, 
+      "cvss_v2_score": 0.0, 
+      "cvss_v3_severity": "HIGH", 
+      "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2099", 
+      "source": "NVD", 
+      "severity": "HIGH", 
+      "status": "ACTIVE", 
+      "title": "CVE-2025-2099 - transformers", 
+      "reason_to_ignore": "N/A"
+    }
   ]
 }
@@ -1,4 +1,7 @@
 {
     "65189": "Ray - autogluon uses ray >=2.10,< 2.45",
-    "77149": "Transformers - ReDoS vulnerability in GPT-NeoX-Japanese tokenizer that autogluon doesn't use"
+    "77149": "Transformers - ReDoS vulnerability in GPT-NeoX-Japanese tokenizer that autogluon doesn't use",
+    "72089": "Affected versions of NLTK are vulnerable to Remote Code Execution if untrusted packages have pickled Python code",
+    "77319": "When Tornado's multipart/form-data parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs, constituting a DoS attack. This DoS is compounded by the fact that the logging subsystem is synchronous.",
+    "77323": "Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing"
 }
@@ -18,9 +18,13 @@ RUN apt-get update \
  && apt-get autoremove -y \
  && apt-get install tesseract-ocr -y \
  && apt-get clean \
+ build-essential \
+ python3-dev \
+ python3-setuptools \
  && rm -rf /var/lib/apt/lists/*
 
-ARG AUTOGLUON_VERSION=1.3.0
+ARG AUTOGLUON_VERSION=1.3.1
+RUN pip install --no-cache-dir -U pip setuptools wheel build
 
 
 # Upgrading pip and installing/updating Python dependencies

@@ -385,5 +385,129 @@
       "title": "CVE-2024-43598 - lightgbm",
       "reason_to_ignore": "No fix provided"
     }
+  ],
+  "nltk": [
+    {
+      "description": "NLTK through 3.8.1 allows remote code execution if untrusted packages have pickled Python code, and the integrated data package download functionality is used. This affects, for example, averaged_perceptron_tagger and punkt.", 
+      "vulnerability_id": "CVE-2024-39705", 
+      "name": "CVE-2024-39705", 
+      "package_name": "nltk", 
+      "package_details": {
+        "file_path": "/opt/conda/lib/python3.11/site-packages/nltk-3.8.1.dist-info/METADATA", 
+        "name": "nltk", 
+        "package_manager": "PYTHON", 
+        "version": "3.8.1", 
+        "release": null 
+      }, 
+      "remediation": {
+        "recommendation": {
+          "text": "None Provided"
+        }
+      }, 
+      "cvss_v3_score": 9.8, 
+      "cvss_v30_score": 0.0, 
+      "cvss_v31_score": 9.8, 
+      "cvss_v2_score": 0.0, 
+      "cvss_v3_severity": "CRITICAL", 
+      "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39705", 
+      "source": "NVD", 
+      "severity": "CRITICAL", 
+      "status": "ACTIVE", 
+      "title": "CVE-2024-39705 - nltk", 
+      "reason_to_ignore": "N/A"
+    }
+  ],
+  "tornado": [
+    {
+      "description": "Tornado is a Python web framework and asynchronous networking library. When Tornado's ``multipart/form-data`` parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs, constituting a DoS attack. This DoS is compounded by the fact that the logging subsystem is synchronous. All versions of Tornado prior to 6.5.0 are affected. The vulnerable parser is enabled by default. Upgrade to Tornado version 6.50 to receive a patch. As a workaround, risk can be mitigated by blocking `Content-Type: multipart/form-data` in a proxy.", 
+      "vulnerability_id": "CVE-2025-47287", 
+      "name": "CVE-2025-47287", 
+      "package_name": "tornado", 
+      "package_details": {
+        "file_path": "/opt/conda/lib/python3.11/site-packages/tornado-6.4.2.dist-info/METADATA", 
+        "name": "tornado", 
+        "package_manager": "PYTHON", 
+        "version": "6.4.2", 
+        "release": null
+      }, 
+      "remediation": {
+        "recommendation": {
+          "text": "None Provided"
+        }
+      }, 
+      "cvss_v3_score": 7.5, 
+      "cvss_v30_score": 0.0, 
+      "cvss_v31_score": 7.5, 
+      "cvss_v2_score": 0.0, 
+      "cvss_v3_severity": "HIGH", 
+      "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47287", 
+      "source": "NVD", 
+      "severity": "HIGH", 
+      "status": "ACTIVE", 
+      "title": "CVE-2025-47287 - tornado", 
+      "reason_to_ignore": "N/A"
+    }
+  ],
+  "torch": [
+    {
+      "description": "PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural networks built on a tape-based autograd system. In version 2.5.1 and prior, a Remote Command Execution (RCE) vulnerability exists in PyTorch when loading a model using torch.load with weights_only=True. This issue has been patched in version 2.6.0.", 
+      "vulnerability_id": "CVE-2025-32434", 
+      "name": "CVE-2025-32434", 
+      "package_name": "torch", 
+      "package_details": {
+        "file_path": "/opt/conda/lib/python3.11/site-packages/torch-2.5.1+cpu.dist-info/METADATA", 
+        "name": "torch", 
+        "package_manager": "PYTHON", 
+        "version": "2.5.1+cpu", 
+        "release": null
+      }, 
+      "remediation": {
+        "recommendation": {
+          "text": "None Provided"
+        }
+      }, 
+      "cvss_v3_score": 9.8, 
+      "cvss_v30_score": 0.0, 
+      "cvss_v31_score": 9.8, 
+      "cvss_v2_score": 0.0, 
+      "cvss_v3_severity": "CRITICAL", 
+      "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32434", 
+      "source": "NVD", 
+      "severity": "CRITICAL", 
+      "status": "ACTIVE", 
+      "title": "CVE-2025-32434 - torch", 
+      "reason_to_ignore": "N/A"
+    }
+  ], 
+  "transformers": [
+    {
+      "description": "A vulnerability in the `preprocess_string()` function of the `transformers.testing_utils` module in huggingface/transformers version v4.48.3 allows for a Regular Expression Denial of Service (ReDoS) attack. The regular expression used to process code blocks in docstrings contains nested quantifiers, leading to exponential backtracking when processing input with a large number of newline characters. An attacker can exploit this by providing a specially crafted payload, causing high CPU usage and potential application downtime, effectively resulting in a Denial of Service (DoS) scenario.", 
+      "vulnerability_id": "CVE-2025-2099", 
+      "name": "CVE-2025-2099", 
+      "package_name": "transformers", 
+      "package_details": {
+        "file_path": "/opt/conda/lib/python3.11/site-packages/transformers-4.49.0.dist-info/METADATA", 
+        "name": "transformers", 
+        "package_manager": "PYTHON", 
+        "version": "4.49.0", 
+        "release": null
+      }, 
+      "remediation": {
+        "recommendation": {
+          "text": "None Provided"
+        }
+      }, 
+      "cvss_v3_score": 7.5, 
+      "cvss_v30_score": 0.0, 
+      "cvss_v31_score": 7.5, 
+      "cvss_v2_score": 0.0, 
+      "cvss_v3_severity": "HIGH", 
+      "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2099", 
+      "source": "NVD", 
+      "severity": "HIGH", 
+      "status": "ACTIVE", 
+      "title": "CVE-2025-2099 - transformers", 
+      "reason_to_ignore": "N/A"
+    }
   ]
 }
@@ -1,4 +1,7 @@
 {
     "65189": "Ray - autogluon uses ray >=2.10,< 2.45",
-    "77149": "Transformers - ReDoS vulnerability in GPT-NeoX-Japanese tokenizer that autogluon doesn't use"
+    "77149": "Transformers - ReDoS vulnerability in GPT-NeoX-Japanese tokenizer that autogluon doesn't use",
+    "72089": "Affected versions of NLTK are vulnerable to Remote Code Execution if untrusted packages have pickled Python code",
+    "77319": "When Tornado's multipart/form-data parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume of logs, constituting a DoS attack. This DoS is compounded by the fact that the logging subsystem is synchronous.",
+    "77323": "Affected versions of Flask (≤ 3.1.0) are vulnerable to incorrect fallback key configuration in session signing"
 }
@@ -0,0 +1,14 @@
+import os
+
+try:
+    if os.path.exists("/usr/local/bin/deep_learning_container.py") and (
+        os.getenv("OPT_OUT_TRACKING") is None or os.getenv("OPT_OUT_TRACKING", "").lower() != "true"
+    ):
+        import threading
+
+        cmd = "python /usr/local/bin/deep_learning_container.py --framework autogluon --framework-version 1.3.1 --container-type inference &>/dev/null"
+        x = threading.Thread(target=lambda: os.system(cmd))
+        x.setDaemon(True)
+        x.start()
+except Exception:
+    pass
@@ -0,0 +1,12 @@
+# telemetry.sh
+#!/bin/bash
+if [ -f /usr/local/bin/deep_learning_container.py ] && [[ -z "${OPT_OUT_TRACKING}" || "${OPT_OUT_TRACKING,,}" != "true" ]]; then
+    (
+        python /usr/local/bin/deep_learning_container.py \
+            --framework "autogluon" \
+            --framework-version "1.3.1" \
+            --container-type "inference" \
+            &>/dev/null &
+    )
+fi
+
@@ -1,7 +1,7 @@
 account_id: &ACCOUNT_ID <set-$ACCOUNT_ID-in-environment>
 region: &REGION <set-$REGION-in-environment>
 framework: &FRAMEWORK autogluon
-version: &VERSION 1.3.0
+version: &VERSION 1.3.1
 short_version: &SHORT_VERSION 1.3
 arch_type: x86
 

@@ -18,10 +18,13 @@ RUN apt-get update \
  # Install rsync to support ray distributed training
  && apt-get install rsync -y \
  && apt-get clean \
+ build-essential \
+ python3-dev \
+ python3-setuptools \
  && rm -rf /var/lib/apt/lists/*
 
-ARG AUTOGLUON_VERSION=1.3.0
-
+ARG AUTOGLUON_VERSION=1.3.1
+RUN pip install --no-cache-dir -U pip setuptools wheel build
 # Upgrading pip and installing/updating Python dependencies
 # Comments are added to explain the reason behind each update
 RUN pip install --no-cache-dir -U --trusted-host pypi.org --trusted-host files.pythonhosted.org pip \