From d9c29535fb36888b856f1dae2a04b8689fd567ad Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 28 Jul 2025 02:58:20 +0000
Subject: [PATCH] fix:
 samples/dnn/dnn_model_runner/dnn_conversion/requirements.txt to reduce
 vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970
- https://snyk.io/vuln/SNYK-PYTHON-PROTOBUF-10364902
---
 samples/dnn/dnn_model_runner/dnn_conversion/requirements.txt | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/samples/dnn/dnn_model_runner/dnn_conversion/requirements.txt b/samples/dnn/dnn_model_runner/dnn_conversion/requirements.txt
index 6887c2ab2ce2..1cbeb34b4048 100644
--- a/samples/dnn/dnn_model_runner/dnn_conversion/requirements.txt
+++ b/samples/dnn/dnn_model_runner/dnn_conversion/requirements.txt
@@ -1,6 +1,6 @@
 # Python 3.7.5
 onnx>=1.7.0
-numpy>=1.19.1
+numpy>=1.22.2
 
 torch>=1.5.1
 torchvision>=0.6.1
@@ -12,4 +12,5 @@ paddlepaddle>=2.0.0
 paddlepaddle-gpu>=2.0.0
 paddlehub>=2.1.0
 paddle2onnx>=0.5.1
-paddleseg>=2.0.0
\ No newline at end of file
+paddleseg>=2.0.0
+protobuf>=4.25.8 # not directly required, pinned by Snyk to avoid a vulnerability
\ No newline at end of file