Package details: pkg:pypi/embedchain@0.0.20
purl pkg:pypi/embedchain@0.0.20
Next non-vulnerable version 0.1.57
Latest non-vulnerable version 0.1.57
Risk 4.5
Vulnerabilities affecting this package (2)
| Vulnerability | Summary | Fixed by |
| --- | --- | --- |
| VCID-8ntv-havf-t7fm (Aliases: CVE-2024-23731, GHSA-rhhj-5436-95vf, PYSEC-2024-7) | The OpenAPI loader in Embedchain before 0.1.57 allows attackers to execute arbitrary code, related to the openapi.py yaml.load function argument. | 0.1.57 (Affected by 0 other vulnerabilities.) |
| VCID-kndy-wq3p-ykcf (Aliases: CVE-2024-23732, GHSA-r67w-f99w-mgxj, PYSEC-2024-8) | The JSON loader in Embedchain before 0.1.57 allows a ReDoS (regular expression denial of service) via a long string to json.py. | 0.1.57 (Affected by 0 other vulnerabilities.) |
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
| --- | --- | --- | --- | --- | --- |
| 2026-05-31T09:45:47.878792+00:00 | PyPI Importer | Affected by | VCID-kndy-wq3p-ykcf | https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip | 38.6.0 |
| 2026-05-31T09:45:47.546100+00:00 | PyPI Importer | Affected by | VCID-8ntv-havf-t7fm | https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip | 38.6.0 |
| 2026-05-30T20:33:46.457975+00:00 | Pypa Importer | Affected by | VCID-8ntv-havf-t7fm | https://github.com/pypa/advisory-database/blob/main/vulns/embedchain/PYSEC-2024-7.yaml | 38.6.0 |
| 2026-05-30T20:33:45.647397+00:00 | Pypa Importer | Affected by | VCID-kndy-wq3p-ykcf | https://github.com/pypa/advisory-database/blob/main/vulns/embedchain/PYSEC-2024-8.yaml | 38.6.0 |