33 matches found
EUVD-2024-0055
Malicious code in bioql PyPI...
EUVD-2024-0056
Malicious code in bioql PyPI...
CVE-2024-23731
The OpenAPI loader in Embedchain before 0.1.57 allows attackers to execute arbitrary code, related to the openapi.py yaml.load function argument...
CVE-2024-23732
The JSON loader in Embedchain before 0.1.57 allows a ReDoS (regular expression denial of service) via a long string to json.py...
Regular Expression Denial Of Service (ReDoS)
Embedchain is vulnerable to Regular Expression Denial Of Service (ReDoS). The vulnerability is due to the use of a regular expression with inefficient complexity within json.py which allows an attacker to cause Denial of Service (DoS)...
Remote Code Execution (RCE)
Embedchain is vulnerable to Remote Code Execution (RCE). The vulnerability is due to insecure usage of yaml.load within the loaddata function of openapi.py, allowing an attacker to execute arbitrary code by supplying a crafted YAML file...
agenticos (>=0.0.1 <=0.0.2.152539), agentx-tools (>=0.2.0 <=0.7.1) +15 more potentially affected by CVE-2024-23731 via embedchain (>=0.0.18 <=0.1.128)
embedchain PYPI version =0.0.18, =0.0.1, =0.2.0, =0.28.9rc1, =0.13.0, =0.1.0, =0.0.6, =0.0.2, =0.1.0.dev7, =0.0.19, =0.1.2, =1.2.0, =1.8.0 and more Source cves: CVE-2024-23731 Source advisory: OSV:GHSA-RHHJ-5436-95VF...
agenticos (>=0.0.1 <=0.0.2.152539), agentx-tools (>=0.2.0 <=0.7.1) +15 more potentially affected by CVE-2024-23732 via embedchain (>=0.0.18 <=0.1.128)
embedchain PYPI version =0.0.18, =0.0.1, =0.2.0, =0.28.9rc1, =0.13.0, =0.1.0, =0.0.6, =0.0.2, =0.1.0.dev7, =0.0.19, =0.1.2, =1.2.0, =1.8.0 and more Source cves: CVE-2024-23732 Source advisory: OSV:GHSA-R67W-F99W-MGXJ...
GHSA-R67W-F99W-MGXJ ReDoS in Embedchain
The JSON loader in Embedchain before 0.1.57 allows a ReDoS (regular expression denial of service) via a long string to json.py...
GHSA-RHHJ-5436-95VF Code execution in Embedchain
The OpenAPI loader in Embedchain before 0.1.57 allows attackers to execute arbitrary code, related to the openapi.py yaml.load function argument...
ReDoS in Embedchain
The JSON loader in Embedchain before 0.1.57 allows a ReDoS (regular expression denial of service) via a long string to json.py...
Code execution in Embedchain
The OpenAPI loader in Embedchain before 0.1.57 allows attackers to execute arbitrary code, related to the openapi.py yaml.load function argument...
CVE-2024-23732
The JSON loader in Embedchain before 0.1.57 allows a ReDoS (regular expression denial of service) via a long string to json.py...
CVE-2024-23731
The OpenAPI loader in Embedchain before 0.1.57 allows attackers to execute arbitrary code, related to the openapi.py yaml.load function argument...
CVE-2024-23732
The JSON loader in Embedchain before 0.1.57 allows a ReDoS (regular expression denial of service) via a long string to json.py...
CVE-2024-23731
The OpenAPI loader in Embedchain before 0.1.57 allows attackers to execute arbitrary code, related to the openapi.py yaml.load function argument...
PYSEC-2024-8
The JSON loader in Embedchain before 0.1.57 allows a ReDoS (regular expression denial of service) via a long string to json.py...
PYSEC-2024-7
The OpenAPI loader in Embedchain before 0.1.57 allows attackers to execute arbitrary code, related to the openapi.py yaml.load function argument...
agenticos (>=0.0.1 <=0.0.2.152539), agentx-tools (>=0.2.0 <=0.7.1) +15 more potentially affected by CVE-2024-23731 via embedchain (>=0.0.18 <=0.1.128)
embedchain PYPI version =0.0.18, =0.0.1, =0.2.0, =0.28.9rc1, =0.13.0, =0.1.0, =0.0.6, =0.0.2, =0.1.0.dev7, =0.0.19, =0.1.2, =1.2.0, =1.8.0 and more Source cves: CVE-2024-23731 Source advisory: OSV:PYSEC-2024-7...
agenticos (>=0.0.1 <=0.0.2.152539), agentx-tools (>=0.2.0 <=0.7.1) +15 more potentially affected by CVE-2024-23732 via embedchain (>=0.0.18 <=0.1.128)
embedchain PYPI version =0.0.18, =0.0.1, =0.2.0, =0.28.9rc1, =0.13.0, =0.1.0, =0.0.6, =0.0.2, =0.1.0.dev7, =0.0.19, =0.1.2, =1.2.0, =1.8.0 and more Source cves: CVE-2024-23732 Source advisory: OSV:PYSEC-2024-8...