Critical severityNVD Advisory· Published Aug 22, 2024· Updated Nov 25, 2024
CVE-2024-45201
CVE-2024-45201
Description
An issue was discovered in llama_index before 0.10.38. download/integration.py includes an exec call for import {cls_name}.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
llama-index-corePyPI | < 0.10.38 | 0.10.38 |
Affected products
2- llama_index/llama_indexdescription
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-fxc2-8m62-m85xghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-45201ghsaADVISORY
- github.com/pypa/advisory-database/tree/main/vulns/llama-index/PYSEC-2024-192.yamlghsaWEB
- github.com/run-llama/llama_index/commit/bd827c30484fa085ec769fa55dc7f2add8006ac8ghsaWEB
- github.com/run-llama/llama_index/compare/v0.10.37...v0.10.38ghsaWEB
- github.com/run-llama/llama_index/pull/13523ghsaWEB
News mentions
0No linked articles in our index yet.