ReDoS in Embedchain
The JSON loader in Embedchain before 0.1.57 allows a ReDoS (regular expression denial of service) via a long string to json.py.
Advisories for Pypi/Embedchain package
2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
The OpenAPI loader in Embedchain before 0.1.57 allows attackers to execute arbitrary code, related to the openapi.py yaml.load function argument.