Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/llama-index-core@0.9.45
Typepypi
Namespace
Namellama-index-core
Version0.9.45
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version0.13.0
Latest_non_vulnerable_version0.13.0
Affected_by_vulnerabilities
0
url VCID-9gy4-wsap-kqde
vulnerability_id VCID-9gy4-wsap-kqde
summary The `SimpleDirectoryReader` component in `llama_index.core` version 0.12.23 suffers from uncontrolled memory consumption due to a resource management flaw. The vulnerability arises because the user-specified file limit (`num_files_limit`) is applied after all files in a directory are loaded into memory. This can lead to memory exhaustion and degraded performance, particularly in environments with limited resources. The issue is resolved in version 0.12.41.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6208.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6208.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-6208
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06969
published_at 2026-06-12T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06939
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-6208
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2435932
reference_id 2435932
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2435932
3
reference_url https://github.com/run-llama/llama_index/commit/53614e2f7913c0e86b58add9470b3c900b6c60b2
reference_id 53614e2f7913c0e86b58add9470b3c900b6c60b2
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-02T17:46:45Z/
url https://github.com/run-llama/llama_index/commit/53614e2f7913c0e86b58add9470b3c900b6c60b2
4
reference_url https://huntr.com/bounties/7d722bb6-6567-4608-8b23-f95048d7605a
reference_id 7d722bb6-6567-4608-8b23-f95048d7605a
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-02T17:46:45Z/
url https://huntr.com/bounties/7d722bb6-6567-4608-8b23-f95048d7605a
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-6208
reference_id CVE-2025-6208
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-6208
6
reference_url https://github.com/advisories/GHSA-488g-hw5f-x29p
reference_id GHSA-488g-hw5f-x29p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-488g-hw5f-x29p
fixed_packages
0
url pkg:pypi/llama-index-core@0.12.41
purl pkg:pypi/llama-index-core@0.12.41
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mbxp-d7t1-3uaa
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/llama-index-core@0.12.41
aliases CVE-2025-6208, GHSA-488g-hw5f-x29p
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9gy4-wsap-kqde
1
url VCID-cnth-gsay-gbcw
vulnerability_id VCID-cnth-gsay-gbcw
summary A denial of service vulnerability exists in the JSONReader component of the run-llama/llama_index repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth limit. This results in high resource consumption and potential crashes of the Python process. The issue is resolved in version 0.12.38.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5302.json
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5302.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-5302
reference_id
reference_type
scores
0
value 0.00055
scoring_system epss
scoring_elements 0.1767
published_at 2026-06-12T12:55:00Z
1
value 0.00055
scoring_system epss
scoring_elements 0.17509
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-5302
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-5302
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-5302
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2390808
reference_id 2390808
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2390808
4
reference_url https://huntr.com/bounties/70041b81-de9e-4046-8c0e-6ccd557048a6
reference_id 70041b81-de9e-4046-8c0e-6ccd557048a6
reference_type
scores
0
value 8.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-25T15:40:17Z/
url https://huntr.com/bounties/70041b81-de9e-4046-8c0e-6ccd557048a6
5
reference_url https://github.com/run-llama/llama_index/commit/c032843a02ce38fd8f284b2aa5a37fd1c17ae635
reference_id c032843a02ce38fd8f284b2aa5a37fd1c17ae635
reference_type
scores
0
value 8.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-25T15:40:17Z/
url https://github.com/run-llama/llama_index/commit/c032843a02ce38fd8f284b2aa5a37fd1c17ae635
6
reference_url https://github.com/advisories/GHSA-7753-xrfw-ch36
reference_id GHSA-7753-xrfw-ch36
reference_type
scores
url https://github.com/advisories/GHSA-7753-xrfw-ch36
7
reference_url https://access.redhat.com/errata/RHSA-2025:16514
reference_id RHSA-2025:16514
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16514
fixed_packages
0
url pkg:pypi/llama-index-core@0.12.38
purl pkg:pypi/llama-index-core@0.12.38
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9gy4-wsap-kqde
1
vulnerability VCID-9nry-wte8-3fbf
2
vulnerability VCID-ep9q-atzq-tffx
3
vulnerability VCID-mbxp-d7t1-3uaa
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/llama-index-core@0.12.38
aliases CVE-2025-5302, GHSA-7753-xrfw-ch36
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cnth-gsay-gbcw
2
url VCID-jg6s-2mm7-aud1
vulnerability_id VCID-jg6s-2mm7-aud1
summary A command injection vulnerability exists in the run-llama/llama_index repository, specifically within the safe_eval function. Attackers can bypass the intended security mechanism, which checks for the presence of underscores in code generated by LLM, to execute arbitrary code. This is achieved by crafting input that does not contain an underscore but still results in the execution of OS commands. The vulnerability allows for remote code execution (RCE) on the server hosting the application.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-3271
reference_id
reference_type
scores
0
value 0.01239
scoring_system epss
scoring_elements 0.79714
published_at 2026-06-12T12:55:00Z
1
value 0.01239
scoring_system epss
scoring_elements 0.79649
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-3271
1
reference_url https://github.com/run-llama/llama_index/commit/2c92e88838a5f481d50840240b1dd3180066c6f5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/run-llama/llama_index/commit/2c92e88838a5f481d50840240b1dd3180066c6f5
2
reference_url https://github.com/run-llama/llama_index/commit/5fbcb5a8b9f20f81b791c7fc8849e352613ab475
reference_id 5fbcb5a8b9f20f81b791c7fc8849e352613ab475
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-05-13T19:12:23Z/
url https://github.com/run-llama/llama_index/commit/5fbcb5a8b9f20f81b791c7fc8849e352613ab475
3
reference_url https://huntr.com/bounties/9b32490e-7cf9-470e-8d49-ba083ae7a279
reference_id 9b32490e-7cf9-470e-8d49-ba083ae7a279
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-05-13T19:12:23Z/
url https://huntr.com/bounties/9b32490e-7cf9-470e-8d49-ba083ae7a279
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-3271
reference_id CVE-2024-3271
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-3271
5
reference_url https://github.com/advisories/GHSA-r6gp-rff2-p3hf
reference_id GHSA-r6gp-rff2-p3hf
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r6gp-rff2-p3hf
fixed_packages
0
url pkg:pypi/llama-index-core@0.10.24
purl pkg:pypi/llama-index-core@0.10.24
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9gy4-wsap-kqde
1
vulnerability VCID-cnth-gsay-gbcw
2
vulnerability VCID-kef8-9x8x-7qbf
3
vulnerability VCID-m26d-a2k7-6uck
4
vulnerability VCID-mbxp-d7t1-3uaa
5
vulnerability VCID-z131-hxnn-nyax
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/llama-index-core@0.10.24
aliases CVE-2024-3271, GHSA-r6gp-rff2-p3hf
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jg6s-2mm7-aud1
3
url VCID-kef8-9x8x-7qbf
vulnerability_id VCID-kef8-9x8x-7qbf
summary A vulnerability in the LangChainLLM class of the run-llama/llama_index repository, version v0.12.5, allows for a Denial of Service (DoS) attack. The stream_complete method executes the llm using a thread and retrieves the result via the get_response_gen method of the StreamingGeneratorCallbackHandler class. If the thread terminates abnormally before the _llm.predict is executed, there is no exception handling for this case, leading to an infinite loop in the get_response_gen function. This can be triggered by providing an input of an incorrect type, causing the thread to terminate and the process to continue running indefinitely.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12704.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12704.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-12704
reference_id
reference_type
scores
0
value 0.00351
scoring_system epss
scoring_elements 0.58042
published_at 2026-06-12T12:55:00Z
1
value 0.00351
scoring_system epss
scoring_elements 0.5793
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-12704
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-12704
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-12704
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2353770
reference_id 2353770
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2353770
4
reference_url https://huntr.com/bounties/a0b638fd-21c6-4ba7-b381-6ab98472a02a
reference_id a0b638fd-21c6-4ba7-b381-6ab98472a02a
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-20T17:54:16Z/
url https://huntr.com/bounties/a0b638fd-21c6-4ba7-b381-6ab98472a02a
5
reference_url https://github.com/run-llama/llama_index/commit/d1ecfb77578d089cbe66728f18f635c09aa32a05
reference_id d1ecfb77578d089cbe66728f18f635c09aa32a05
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-20T17:54:16Z/
url https://github.com/run-llama/llama_index/commit/d1ecfb77578d089cbe66728f18f635c09aa32a05
6
reference_url https://github.com/advisories/GHSA-j3wr-m6xh-64hg
reference_id GHSA-j3wr-m6xh-64hg
reference_type
scores
url https://github.com/advisories/GHSA-j3wr-m6xh-64hg
fixed_packages
0
url pkg:pypi/llama-index-core@0.12.6
purl pkg:pypi/llama-index-core@0.12.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9gy4-wsap-kqde
1
vulnerability VCID-cnth-gsay-gbcw
2
vulnerability VCID-ep9q-atzq-tffx
3
vulnerability VCID-m26d-a2k7-6uck
4
vulnerability VCID-mbxp-d7t1-3uaa
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/llama-index-core@0.12.6
aliases CVE-2024-12704, GHSA-j3wr-m6xh-64hg
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kef8-9x8x-7qbf
4
url VCID-m26d-a2k7-6uck
vulnerability_id VCID-m26d-a2k7-6uck
summary The JSONReader in run-llama/llama_index versions 0.12.28 is vulnerable to a stack overflow due to uncontrolled recursive JSON parsing. This vulnerability allows attackers to trigger a Denial of Service (DoS) by submitting deeply nested JSON structures, leading to a RecursionError and crashing applications. The root cause is the unsafe recursive traversal design and lack of depth validation, which makes the JSONReader susceptible to stack overflow when processing deeply nested JSON. This impacts the availability of services, making them unreliable and disrupting workflows. The issue is resolved in version 0.12.38.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5472.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5472.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-5472
reference_id
reference_type
scores
0
value 0.00162
scoring_system epss
scoring_elements 0.37068
published_at 2026-06-12T12:55:00Z
1
value 0.00162
scoring_system epss
scoring_elements 0.3689
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-5472
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-5472
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-5472
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2376769
reference_id 2376769
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2376769
4
reference_url https://github.com/run-llama/llama_index/commit/c032843a02ce38fd8f284b2aa5a37fd1c17ae635
reference_id c032843a02ce38fd8f284b2aa5a37fd1c17ae635
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-07T11:17:19Z/
url https://github.com/run-llama/llama_index/commit/c032843a02ce38fd8f284b2aa5a37fd1c17ae635
5
reference_url https://huntr.com/bounties/df187bda-7911-4823-a19a-e15b2c66b0d4
reference_id df187bda-7911-4823-a19a-e15b2c66b0d4
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-07T11:17:19Z/
url https://huntr.com/bounties/df187bda-7911-4823-a19a-e15b2c66b0d4
6
reference_url https://github.com/advisories/GHSA-3wxx-q3gv-pvvv
reference_id GHSA-3wxx-q3gv-pvvv
reference_type
scores
url https://github.com/advisories/GHSA-3wxx-q3gv-pvvv
fixed_packages
0
url pkg:pypi/llama-index-core@0.12.38
purl pkg:pypi/llama-index-core@0.12.38
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9gy4-wsap-kqde
1
vulnerability VCID-9nry-wte8-3fbf
2
vulnerability VCID-ep9q-atzq-tffx
3
vulnerability VCID-mbxp-d7t1-3uaa
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/llama-index-core@0.12.38
aliases CVE-2025-5472, GHSA-3wxx-q3gv-pvvv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m26d-a2k7-6uck
5
url VCID-mbxp-d7t1-3uaa
vulnerability_id VCID-mbxp-d7t1-3uaa
summary The llama-index-core package, up to version 0.12.44, contains a vulnerability in the `get_cache_dir()` function where a predictable, hardcoded directory path `/tmp/llama_index` is used on Linux systems without proper security controls. This vulnerability allows attackers on multi-user systems to steal proprietary models, poison cached embeddings, or conduct symlink attacks. The issue affects all Linux deployments where multiple users share the same system. The vulnerability is classified under CWE-379, CWE-377, and CWE-367, indicating insecure temporary file creation and potential race conditions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-7647.json
reference_id
reference_type
scores
0
value 8.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-7647.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-7647
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.06065
published_at 2026-06-11T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.06086
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-7647
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2399917
reference_id 2399917
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2399917
3
reference_url https://github.com/run-llama/llama_index/commit/98816394d57c7f53f847ed7b60725e69d0e7aae4
reference_id 98816394d57c7f53f847ed7b60725e69d0e7aae4
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-29T19:26:13Z/
url https://github.com/run-llama/llama_index/commit/98816394d57c7f53f847ed7b60725e69d0e7aae4
4
reference_url https://huntr.com/bounties/a2baa08f-98bf-47a8-ac83-06f7411afd9e
reference_id a2baa08f-98bf-47a8-ac83-06f7411afd9e
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-29T19:26:13Z/
url https://huntr.com/bounties/a2baa08f-98bf-47a8-ac83-06f7411afd9e
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-7647
reference_id CVE-2025-7647
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-7647
6
reference_url https://github.com/advisories/GHSA-cr7q-2w66-hjcm
reference_id GHSA-cr7q-2w66-hjcm
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cr7q-2w66-hjcm
7
reference_url https://access.redhat.com/errata/RHSA-2025:18984
reference_id RHSA-2025:18984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:18984
fixed_packages
0
url pkg:pypi/llama-index-core@0.13.0
purl pkg:pypi/llama-index-core@0.13.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/llama-index-core@0.13.0
aliases CVE-2025-7647, GHSA-cr7q-2w66-hjcm
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mbxp-d7t1-3uaa
6
url VCID-pnre-tvr7-gbgm
vulnerability_id VCID-pnre-tvr7-gbgm
summary A vulnerability was identified in the `exec_utils` class of the `llama_index` package, specifically within the `safe_eval` function, allowing for prompt injection leading to arbitrary code execution. This issue arises due to insufficient validation of input, which can be exploited to bypass method restrictions and execute unauthorized code. The vulnerability is a bypass of the previously addressed CVE-2023-39662, demonstrated through a proof of concept that creates a file on the system by exploiting the flaw.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-3098
reference_id
reference_type
scores
0
value 0.00146
scoring_system epss
scoring_elements 0.3481
published_at 2026-06-11T12:55:00Z
1
value 0.00146
scoring_system epss
scoring_elements 0.3499
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-3098
1
reference_url https://github.com/run-llama/llama_index/commit/2c92e88838a5f481d50840240b1dd3180066c6f5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/run-llama/llama_index/commit/2c92e88838a5f481d50840240b1dd3180066c6f5
2
reference_url https://huntr.com/bounties/1bce0d61-ad03-4b22-bc32-8f99f92974e7
reference_id 1bce0d61-ad03-4b22-bc32-8f99f92974e7
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-07-25T19:07:30Z/
url https://huntr.com/bounties/1bce0d61-ad03-4b22-bc32-8f99f92974e7
3
reference_url https://github.com/run-llama/llama_index/commit/5fbcb5a8b9f20f81b791c7fc8849e352613ab475
reference_id 5fbcb5a8b9f20f81b791c7fc8849e352613ab475
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-07-25T19:07:30Z/
url https://github.com/run-llama/llama_index/commit/5fbcb5a8b9f20f81b791c7fc8849e352613ab475
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-3098
reference_id CVE-2024-3098
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-3098
5
reference_url https://github.com/advisories/GHSA-wvpx-g427-q9wc
reference_id GHSA-wvpx-g427-q9wc
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wvpx-g427-q9wc
fixed_packages
0
url pkg:pypi/llama-index-core@0.10.24
purl pkg:pypi/llama-index-core@0.10.24
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9gy4-wsap-kqde
1
vulnerability VCID-cnth-gsay-gbcw
2
vulnerability VCID-kef8-9x8x-7qbf
3
vulnerability VCID-m26d-a2k7-6uck
4
vulnerability VCID-mbxp-d7t1-3uaa
5
vulnerability VCID-z131-hxnn-nyax
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/llama-index-core@0.10.24
aliases CVE-2024-3098, GHSA-wvpx-g427-q9wc
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pnre-tvr7-gbgm
7
url VCID-z131-hxnn-nyax
vulnerability_id VCID-z131-hxnn-nyax
summary An issue was discovered in llama_index before 0.10.38. download/integration.py includes an exec call for import {cls_name}.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45201.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45201.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-45201
reference_id
reference_type
scores
0
value 0.00212
scoring_system epss
scoring_elements 0.43961
published_at 2026-06-12T12:55:00Z
1
value 0.00212
scoring_system epss
scoring_elements 0.43806
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-45201
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/llama-index/PYSEC-2024-192.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/llama-index/PYSEC-2024-192.yaml
3
reference_url https://github.com/run-llama/llama_index/commit/bd827c30484fa085ec769fa55dc7f2add8006ac8
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/run-llama/llama_index/commit/bd827c30484fa085ec769fa55dc7f2add8006ac8
4
reference_url https://github.com/run-llama/llama_index/pull/13523
reference_id 13523
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value CRITICAL
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-25T18:18:17Z/
url https://github.com/run-llama/llama_index/pull/13523
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2307415
reference_id 2307415
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2307415
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-45201
reference_id CVE-2024-45201
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-45201
7
reference_url https://github.com/advisories/GHSA-fxc2-8m62-m85x
reference_id GHSA-fxc2-8m62-m85x
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fxc2-8m62-m85x
8
reference_url https://github.com/run-llama/llama_index/compare/v0.10.37...v0.10.38
reference_id v0.10.37...v0.10.38
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value CRITICAL
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-25T18:18:17Z/
url https://github.com/run-llama/llama_index/compare/v0.10.37...v0.10.38
fixed_packages
0
url pkg:pypi/llama-index-core@0.10.38
purl pkg:pypi/llama-index-core@0.10.38
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9gy4-wsap-kqde
1
vulnerability VCID-cnth-gsay-gbcw
2
vulnerability VCID-kef8-9x8x-7qbf
3
vulnerability VCID-m26d-a2k7-6uck
4
vulnerability VCID-mbxp-d7t1-3uaa
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/llama-index-core@0.10.38
aliases CVE-2024-45201, GHSA-fxc2-8m62-m85x, PYSEC-2024-192
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z131-hxnn-nyax
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/llama-index-core@0.9.45