The latest DeepStream 6.3 containers include a CVE related to WebP functionality.
Please be advised that this CVE is a false positive, as WebP is supported out-of-the-box in DeepStream.
Recommended Action:
As a precautionary measure, we recommend patching your container by executing the following steps:
$sudo apt-get update
$sudo apt install libwebp6
$sudo apt install libwebpmux3
Save Patched Container:
Furthermore, we recommend saving a version of your container once it has been patched.
To do this, please follow the steps provided below on the terminal of your host machine:
$ docker ps –a
CONTAINER ID IMAGE COMMAND CREATED STATUS
931e4f76454e nvcr.io/nvidia/deepstream:6.3 "bash" 22 seconds ago Exited (0) 4 seconds ago
$ docker commit 931e4f76454e nvcr.io/nvidia/deepstream:6.3-updated