VYPR

CWE-1112

Incomplete Documentation of Program Execution

BaseIncomplete

Description

The document does not fully define all mechanisms that are used to control or influence how product-specific programs are executed.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (1)

  • CVE-2025-3108Jul 6, 2025
    risk 0.00cvss epss 0.00

    A critical deserialization vulnerability exists in the run-llama/llama_index library's JsonPickleSerializer component, affecting versions v0.12.27 through v0.12.40. This vulnerability allows remote code execution due to an insecure fallback to Python's pickle module.…