Code Security Audit Results

[TimCraigCGPS]

Hello,
I have some results of a security audit from my company's internal IT department that they said I could share with everyone. Medium or higher prevents usage of any software. It would be very helpful for future versions if someone might be able to take a look at these. I'm not really a strong coder so I cannot be much help myself. Thanks!

check_id	severity	path	message	License	Vulnerability	Source	Do we have control to remediate?	If possible to remediate, how will this affect functionality?
javascript.browser.security.insecure-document-method.insecure-document-method	HIGH	sokrypton-ColabDesign-16e03c2/colabdesign/rf/blueprint.js	User controlled data in methods like `innerHTML`, `outerHTML` or `document.write` is an anti-pattern that can lead to XSS vulnerabilities	Semgrep Rules License v1.0. For more details, visit semgrep.dev/legal/rules-license	Cross-Site-Scripting (XSS)	https://semgrep.dev/r/javascript.browser.security.insecure-document-method.insecure-document-method
trailofbits.python.pickles-in-numpy.pickles-in-numpy	HIGH	sokrypton-ColabDesign-16e03c2/colabdesign/tr/legacy/model.py	Functions reliant on pickle can result in arbitrary code execution.  Consider using fickling or switching to a safer serialization method	AGPL-3.0 license	Insecure Deserialization	https://semgrep.dev/r/trailofbits.python.pickles-in-numpy.pickles-in-numpy
trailofbits.python.pickles-in-numpy.pickles-in-numpy	HIGH	sokrypton-ColabDesign-16e03c2/colabdesign/tr/trrosetta.py	Functions reliant on pickle can result in arbitrary code execution.  Consider using fickling or switching to a safer serialization method	AGPL-3.0 license	Insecure Deserialization	https://semgrep.dev/r/trailofbits.python.pickles-in-numpy.pickles-in-numpy