[Bug]: Trivy security scanners report issues from v0.7.2 despite run on v0.8.5.post1+Gaudi-1.21.2

[kkurzacz-intel]

Your current environment

N/A

🐛 Describe the bug

Hello, I'm facing issue that security scanner Trivy detects old traces of vllm v0.7.2, despite using v0.8.5.post1+Gaudi-1.21.2. That is quite problematic, because Trivy reports are part of security reports and are visible for security staff of our team and clients that use the product.

We use the code in Dockerfile as pulling repo and installing via pip.
You can see at https://github.com/opea-project
src/comps/llms/impl/model_server/vllm/docker/hpu/Dockerfile

However, when it comes to scanning the image, trivy says it detects v0.7.2 with critical vulnerabilities:

┌────────────────────────────────────────────────────┬─────────────────────┬──────────┬──────────┬────────────────────────────────┬────────────────────────┬──────────────────────────────────────────────────────────────┐
│                      Library                       │    Vulnerability    │ Severity │  Status  │       Installed Version        │     Fixed Version      │                            Title                             │
├────────────────────────────────────────────────────┼─────────────────────┼──────────┼──────────┼────────────────────────────────┼────────────────────────┼──────────────────────────────────────────────────────────────┤
│ vllm (vllm-0.7.2+gaudi.1.21.2.gaudi000-py3.10.egg) │ CVE-2025-32444      │          │          │                                │ 0.8.5                  │ vllm: vLLM Vulnerable to Remote Code Execution via Mooncake  │
│                                                    │                     │          │          │                                │                        │ Integration                                                  │
│                                                    │                     │          │          │                                │                        │ https://avd.aquasec.com/nvd/cve-2025-32444                   │
├────────────────────────────────────────────────────┤                     │          │          │                                │                        │                                 

I can see that when checking out mentioned version, there are some v0.7.2 leftovers:

$ git status
HEAD detached at v0.8.5.post1+Gaudi-1.21.2
nothing to commit, working tree clean

$ grep -Ri '0\.7\.2'
.git/packed-refs:0275ce4c257e2a82f87118ec3e9207ad813943eb refs/tags/v0.7.2+Gaudi-1.21.0
.git/packed-refs:9f1222c5060833a448caa48136b02a368096b814 refs/tags/v0.7.2+Gaudi-1.21.2
.cd/Dockerfile.ubuntu.pytorch.vllm:ARG VLLM_FORK_COMMIT=v0.7.2+Gaudi-1.21.2
RELEASE.md:| Feb 2025 | 0.7.1, 0.7.2, 0.7.3  | --- |
RELEASE.md:| Nov 2025 | 0.7.20, 0.7.21 | --- |
RELEASE.md:| Dec 2025 | 0.7.22, 0.7.23 | --- |
docs/source/getting_started/installation/ai_accelerator/hpu-gaudi.inc.md:git checkout v0.7.2+Gaudi-1.21.2
examples/README.md:> Not all examples in this folder are Intel Gaudi specific and come from the original vllm-project repository from where this fork was created. For examples such as offline inference with openAI on Intel Gaudi please refer to [Intel® Gaudi® README supported features table](https://github.com/HabanaAI/vllm-fork/blob/v0.7.2%2BGaudi-1.21.2/README_GAUDI.md#supported-features) and the [quantization section](https://github.com/HabanaAI/vllm-fork/blob/v0.7.2%2BGaudi-1.21.2/README_GAUDI.md#quantization-fp8-inference-and-model-calibration-process) for FP8 examples.

Can you please take a look and tell whether I should rather add trivy exception, or you can adjust tags into codebase?

Before submitting a new issue...

• Make sure you already searched for relevant issues, and asked the chatbot living at the bottom right corner of the documentation page, which can answer lots of frequently asked questions.