{"id":"PYSEC-2024-8","details":"The JSON loader in Embedchain before 0.1.57 allows a ReDoS (regular expression denial of service) via a long string to json.py.","aliases":["CVE-2024-23732","GHSA-r67w-f99w-mgxj"],"modified":"2024-01-22T21:56:40.981868Z","published":"2024-01-21T17:15:00Z","references":[{"type":"WEB","url":"https://github.com/embedchain/embedchain/pull/1122"},{"type":"WEB","url":"https://github.com/embedchain/embedchain/compare/0.1.56...0.1.57"}],"affected":[{"package":{"name":"embedchain","ecosystem":"PyPI","purl":"pkg:pypi/embedchain"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.1.57"}]}],"versions":["0.0.1","0.0.10","0.0.11","0.0.12","0.0.13","0.0.14","0.0.15","0.0.16","0.0.17","0.0.18","0.0.19","0.0.2","0.0.20","0.0.21","0.0.22","0.0.23","0.0.24","0.0.25","0.0.26","0.0.27","0.0.28","0.0.29","0.0.3","0.0.30","0.0.31","0.0.32","0.0.33","0.0.34","0.0.35","0.0.36","0.0.37","0.0.38","0.0.39","0.0.4","0.0.40","0.0.41","0.0.46","0.0.47","0.0.48","0.0.49","0.0.5","0.0.50","0.0.51","0.0.52","0.0.53","0.0.54","0.0.55","0.0.56","0.0.57","0.0.58","0.0.59","0.0.6","0.0.60","0.0.61","0.0.62","0.0.63","0.0.64","0.0.65","0.0.66","0.0.67","0.0.68","0.0.69","0.0.7","0.0.70","0.0.71","0.0.72","0.0.73","0.0.74","0.0.75","0.0.76","0.0.77","0.0.78","0.0.79","0.0.8","0.0.80","0.0.81","0.0.82","0.0.82rc8","0.0.82rc9","0.0.83","0.0.84","0.0.85","0.0.86","0.0.87","0.0.88","0.0.89","0.0.9","0.0.90","0.0.91","0.0.92","0.1.0","0.1.0rc1","0.1.1","0.1.10","0.1.11","0.1.12","0.1.13","0.1.14","0.1.15","0.1.16","0.1.17","0.1.18","0.1.19","0.1.19a1","0.1.19a2","0.1.19a3","0.1.19a4","0.1.19a5","0.1.2","0.1.20a1","0.1.21","0.1.22","0.1.23","0.1.24","0.1.25","0.1.26","0.1.27","0.1.28","0.1.3","0.1.30","0.1.31","0.1.33","0.1.34","0.1.35","0.1.36","0.1.37","0.1.38","0.1.39","0.1.4","0.1.40","0.1.41","0.1.41a0","0.1.41a1","0.1.42","0.1.43","0.1.44","0.1.45","0.1.45a0","0.1.46","0.1.47","0.1.48","0.1.49","0.1.5","0.1.50","0.1.51","0.1.52","0.1.52a0","0.1.53","0.1.54","0.1.55","0.1.55a0","0.1.55a1","0.1.55a2","0.1.55a3","0.1.56","0.1.6","0.1.7","0.1.8","0.1.9"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/embedchain/PYSEC-2024-8.yaml"}}],"schema_version":"1.7.3"}