
Numpy==1.21.3 Denial of Service (DoS) & NULL Pointer Dereference & Buffer Overflow

Open • numersoz opened this issue 10 months ago • 2 comments

Snyk security scan is giving Denial of Service (DoS) & NULL Pointer Dereference & Buffer Overflow for the numpy==1.21.3 version.

I couldn't locate a requirements.txt file for the databricks-sql-python package. Is the version >=1.21.3?

This package is identified as one that depends on this specific Numpy version.

https://security.snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964?_gl=1%2a1f3l87s%2a_ga%2aODg3MDQzNTMyLjE2OTA0MjUyOTE.%2a_ga_X9SH3KP7B4%2aMTY5MjI4OTA0MC42LjEuMTY5MjI5MjY3MC4wLjAuMA..

https://security.snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966?_gl=1%2a1m55uiu%2a_ga%2aODg3MDQzNTMyLjE2OTA0MjUyOTE.%2a_ga_X9SH3KP7B4%2aMTY5MjI4OTA0MC42LjEuMTY5MjI5MjY4Mi4wLjAuMA..

https://security.snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970?_gl=1%2a1rlzldx%2a_ga%2aODg3MDQzNTMyLjE2OTA0MjUyOTE.%2a_ga_X9SH3KP7B4%2aMTY5MjI4OTA0MC42LjEuMTY5MjI5MjU3NC4wLjAuMA..

numersoz, Aug 17 '23 17:08