CWE-1112
Incomplete Documentation of Program Execution
BaseIncomplete
Description
The document does not fully define all mechanisms that are used to control or influence how product-specific programs are executed.
Hierarchy (View 1000)
Parents
Children
none
CVEs mapped to this weakness (1)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-3108 | 0.00 | — | 0.00 | Jul 6, 2025 | A critical deserialization vulnerability exists in the run-llama/llama_index library's JsonPickleSerializer component, affecting versions v0.12.27 through v0.12.40. This vulnerability allows remote code execution due to an insecure fallback to Python's pickle module.… |
- CVE-2025-3108Jul 6, 2025risk 0.00cvss —epss 0.00
A critical deserialization vulnerability exists in the run-llama/llama_index library's JsonPickleSerializer component, affecting versions v0.12.27 through v0.12.40. This vulnerability allows remote code execution due to an insecure fallback to Python's pickle module.…