Msrc Cbl2 Numpy 1.22.0-1 On Cbl Mariner 2.0 vulnerabilities

CVE-2021-41496 [MEDIUM] CWE-120 Buffer overflow in the array_from_pyobj function of fortranobject.c in NumPy < 1.19 which allows attackers to conduct a Denial of Service attacks by carefully constructing an array with negative value Buffer overflow in the array_from_pyobj function of fortranobject.c in NumPy Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who ch

CVE-2021-41495 [MEDIUM] CWE-476 Null Pointer Dereference vulnerability exists in numpy.sort in NumPy &lt and 1.19 in the PyArray_DescrNew function due to missing return-value validation which allows attackers to conduct DoS attacks Null Pointer Dereference vulnerability exists in numpy.sort in NumPy < and 1.19 in the PyArray_DescrNew function due to missing return-value validation which allows attackers to conduct DoS attacks by repetitively creating sort arrays. NOTE: While correct that valida