VulnerableCode Package Details - pkg:pypi/embedchain@0.0.4

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:pypi/embedchain@0.0.4

Essentials
History (2)

purl	pkg:pypi/embedchain@0.0.4

Next non-vulnerable version	0.1.57
Latest non-vulnerable version	0.1.57
Risk

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-j5eb-ugzc-7qad Aliases: CVE-2024-23732 GHSA-r67w-f99w-mgxj PYSEC-2024-8	The JSON loader in Embedchain before 0.1.57 allows a ReDoS (regular expression denial of service) via a long string to json.py.	0.1.57 Affected by 0 other vulnerabilities.
VCID-yewd-g5yb-6bfv Aliases: CVE-2024-23731 GHSA-rhhj-5436-95vf PYSEC-2024-7	The OpenAPI loader in Embedchain before 0.1.57 allows attackers to execute arbitrary code, related to the openapi.py yaml.load function argument.	0.1.57 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:20:37.168512+00:00	Pypa Importer	Affected by	VCID-yewd-g5yb-6bfv	https://github.com/pypa/advisory-database/blob/main/vulns/embedchain/PYSEC-2024-7.yaml	38.6.0
2026-06-02T04:20:36.377909+00:00	Pypa Importer	Affected by	VCID-j5eb-ugzc-7qad	https://github.com/pypa/advisory-database/blob/main/vulns/embedchain/PYSEC-2024-8.yaml	38.6.0