VYPR

PyPI package

llama-index-core

pkg:pypi/llama-index-core

Vulnerabilities (10)

  • CVE-2025-6208MedFeb 2, 2026
    affected < 0.12.41fixed 0.12.41

    The `SimpleDirectoryReader` component in `llama_index.core` version 0.12.23 suffers from uncontrolled memory consumption due to a resource management flaw. The vulnerability arises because the user-specified file limit (`num_files_limit`) is applied after all files in a directory

  • CVE-2025-7647HigSep 27, 2025
    affected < 0.13.0fixed 0.13.0

    The llama-index-core package, up to version 0.12.44, contains a vulnerability in the `get_cache_dir()` function where a predictable, hardcoded directory path `/tmp/llama_index` is used on Linux systems without proper security controls. This vulnerability allows attackers on multi

  • CVE-2025-5302HigAug 25, 2025
    affected < 0.12.38fixed 0.12.38

    A denial of service vulnerability exists in the JSONReader component of the run-llama/llama_index repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximu

  • CVE-2025-6209Jul 7, 2025
    affected >= 0.11.23, < 0.12.41fixed 0.12.41

    A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0.12.40, specifically within the `encode_image` function in `generic_utils.py`. This vulnerability allows an attacker to manipulate the `image_path` input to read arbitrary files on the server

  • CVE-2025-5472Jul 7, 2025
    affected < 0.12.38fixed 0.12.38

    The JSONReader in run-llama/llama_index versions 0.12.28 is vulnerable to a stack overflow due to uncontrolled recursive JSON parsing. This vulnerability allows attackers to trigger a Denial of Service (DoS) by submitting deeply nested JSON structures, leading to a RecursionError

  • CVE-2025-3108Jul 6, 2025
    affected >= 0.11.15, < 0.12.41fixed 0.12.41

    A critical deserialization vulnerability exists in the run-llama/llama_index library's JsonPickleSerializer component, affecting versions v0.12.27 through v0.12.40. This vulnerability allows remote code execution due to an insecure fallback to Python's pickle module. JsonPickleSe

  • CVE-2024-12704Mar 20, 2025
    affected < 0.12.6fixed 0.12.6

    A vulnerability in the LangChainLLM class of the run-llama/llama_index repository, version v0.12.5, allows for a Denial of Service (DoS) attack. The stream_complete method executes the llm using a thread and retrieves the result via the get_response_gen method of the StreamingGen

  • CVE-2024-45201Aug 22, 2024
    affected < 0.10.38fixed 0.10.38

    An issue was discovered in llama_index before 0.10.38. download/integration.py includes an exec call for import {cls_name}.

  • CVE-2024-3271Apr 16, 2024
    affected < 0.10.24fixed 0.10.24

    A command injection vulnerability exists in the run-llama/llama_index repository, specifically within the safe_eval function. Attackers can bypass the intended security mechanism, which checks for the presence of underscores in code generated by LLM, to execute arbitrary code. Th

  • CVE-2024-3098CriApr 10, 2024
    affected < 0.10.24fixed 0.10.24

    A vulnerability was identified in the `exec_utils` class of the `llama_index` package, specifically within the `safe_eval` function, allowing for prompt injection leading to arbitrary code execution. This issue arises due to insufficient validation of input, which can be exploite