CVE-2024-23732 | Embedchain up to 0.1.56 JSON Loader json.py redos

Posted by Angelo Barbosa | Jan 22, 2024 | CVE

A vulnerability was found in Embedchain up to 0.1.56. It has been declared as problematic. This vulnerability affects unknown code of the file json.py of the component JSON Loader. The manipulation leads to inefficient regular expression complexity.

This vulnerability was named CVE-2024-23732. The attack needs to be approached within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-23732 | Embedchain up to 0.1.56 JSON Loader json.py redos

Related Posts

CVE-2024-34075 | xiboon kurwov up to 3.2.4 MarkovData#getNext deserialization

CVE-2023-5392 | Honeywell C300 debug messages revealing unnecessary information

CVE-2023-50339 | WESEEK GROWI up to 6.1.10 User Management Page /admin/users cross site scripting

CVE-2022-25037 | wanEditor 4.7.11 Image Upload cross site scripting (Issue 3870)