Vulnerability	Vulnerable Version
M Regular Expression Denial of Service (ReDoS) embedchain is a Simplest open source retrieval(RAG) framework Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) due to missing character length limitation. How to fix Regular Expression Denial of Service (ReDoS)? Upgrade `embedchain` to version 0.1.57 or higher.	[,0.1.57)
H Regular Expression Denial of Service (ReDoS) embedchain is a Simplest open source retrieval(RAG) framework Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regular expression in `VALID_URL_PATTERN` of the`json.py` component. How to fix Regular Expression Denial of Service (ReDoS)? Upgrade `embedchain` to version 0.1.57 or higher.	[,0.1.57)
C Improper Control of Generation of Code ('Code Injection') embedchain is a Simplest open source retrieval(RAG) framework Affected versions of this package are vulnerable to Improper Control of Generation of Code ('Code Injection') due to the insecure usage of `yaml.load` in the `load_data` function of `openapi.py`. An attacker can execute arbitrary code by supplying a crafted YAML file that exploits the function's lack of safe loading. How to fix Improper Control of Generation of Code ('Code Injection')? Upgrade `embedchain` to version 0.1.57 or higher.	[,0.1.57)

Go back to all versions of this package