PyPI package
llama-index-retrievers-duckdb-retriever
pkg:pypi/llama-index-retrievers-duckdb-retriever
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-11958 | — | < 0.4.0 | 0.4.0 | Mar 20, 2025 | A SQL injection vulnerability exists in the `duckdb_retriever` component of the run-llama/llama_index repository, specifically in the latest version. The vulnerability arises from the construction of SQL queries without using prepared statements, allowing an attacker to inject ar |
- CVE-2024-11958Mar 20, 2025affected < 0.4.0fixed 0.4.0
A SQL injection vulnerability exists in the `duckdb_retriever` component of the run-llama/llama_index repository, specifically in the latest version. The vulnerability arises from the construction of SQL queries without using prepared statements, allowing an attacker to inject ar