5 matches found
CVE-2024-23732
The JSON loader in Embedchain before 0.1.57 allows a ReDoS regular expression denial of service via a long string to json.py...
agenticos (>=0.0.1 <=0.0.3.155020), agentx-tools (>=0.2.0 <=0.7.1) +15 more potentially affected by CVE-2024-23732 via embedchain (>=0.0.18 <=0.1.128)
embedchain PYPI version =0.0.18, =0.0.1, =0.2.0, =0.28.9rc1, =0.13.0, =0.1.0, =0.0.6, =0.0.2, =0.1.0.dev7, =0.0.19, =0.1.2, =1.2.0, =1.8.0 and more Source cves: CVE-2024-23732 Source advisory: OSV:GHSA-R67W-F99W-MGXJ...
CVE-2024-23732
The JSON loader in Embedchain before 0.1.57 allows a ReDoS regular expression denial of service via a long string to json.py...
agenticos (>=0.0.1 <=0.0.3.155020), agentx-tools (>=0.2.0 <=0.7.1) +15 more potentially affected by CVE-2024-23732 via embedchain (>=0.0.18 <=0.1.128)
embedchain PYPI version =0.0.18, =0.0.1, =0.2.0, =0.28.9rc1, =0.13.0, =0.1.0, =0.0.6, =0.0.2, =0.1.0.dev7, =0.0.19, =0.1.2, =1.2.0, =1.8.0 and more Source cves: CVE-2024-23732 Source advisory: OSV:PYSEC-2024-8...
CVE-2024-23732
CVE-2024-23732 affects the Embedchain JSON loader and is caused by a ReDoS in the json.py path when processing long input strings. The vulnerability is reported in Embedchain versions prior to 0.1.57. According to connected sources, exploitation could allow denial-of-service via crafted input len...