ReDoS in Embedchain · CVE-2024-23732 · GitHub Advisory Database · GitHub

ReDoS in Embedchain

Moderate severity GitHub Reviewed Published Jan 21, 2024 to the GitHub Advisory Database • Updated Jan 22, 2024

Package

embedchain (pip)

Affected versions

< 0.1.57

Patched versions

0.1.57

Description

The JSON loader in Embedchain before 0.1.57 allows a ReDoS (regular expression denial of service) via a long string to json.py.

References

Published by the National Vulnerability Database

Jan 21, 2024

Published to the GitHub Advisory Database Jan 21, 2024

Reviewed Jan 22, 2024

Last updated Jan 22, 2024