PyPI package
embedchain
pkg:pypi/embedchain
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-23732 | — | | | < 0.1.57 | 0.1.57 | Jan 21, 2024 | The JSON loader in Embedchain before 0.1.57 allows a ReDoS (regular expression denial of service) via a long string to json.py. |
| CVE-2024-23731 | — | | | < 0.1.57 | 0.1.57 | Jan 21, 2024 | The OpenAPI loader in Embedchain before 0.1.57 allows attackers to execute arbitrary code, related to the openapi.py yaml.load function argument. |