Newly released based image for Azure Machine Learning contains medium- and high-level security vulnerabillities

Question

Newly released based image for Azure Machine Learning contains medium- and high-level security vulnerabillities

Li Shuang 6

Hi,

We are currently using the latest (as of 4 Aug 2022) container based image released by Microsoft for our AML workloads: mcr.microsoft.com/azureml/openmpi4.1.0-ubuntu20.04:20220729.v1 (https://github.com/Azure/AzureML-Containers/blob/master/base/cpu/openmpi4.1.0-ubuntu20.04/release-notes.md).

However, this image contains the following security vulnerabilities:

We would like to know if it's possible to resolve them (we are not sure how to implement the remedy provided).
In our company, vulnerable container registry images would be deleted automatically - hence it's important for us to know how to make the image secure.

Thanks!

Ramr-msft 17,836 Reputation points

2022-08-05T03:35:02.663+00:00

@Li Shuang Thanks for the question. We are checking the issue with the product team on this.
Nancy Veronica Valdebenito Molina 5 Reputation points

2023-07-12T16:07:29.3633333+00:00

I have the same question. I don't know solution yet.

https://learn.microsoft.com/en-us/azure/machine-learning/how-to-troubleshoot-environments?view=azureml-api-2

Your answer

Ramr-msft 17,836 Reputation points

2022-08-05T03:35:02.663+00:00

@Li Shuang Thanks for the question. We are checking the issue with the product team on this.
Nancy Veronica Valdebenito Molina 5 Reputation points

2023-07-12T16:07:29.3633333+00:00

I have the same question. I don't know solution yet.

https://learn.microsoft.com/en-us/azure/machine-learning/how-to-troubleshoot-environments?view=azureml-api-2

Share via

Newly released based image for Azure Machine Learning contains medium- and high-level security vulnerabillities

Your answer