Количество 3
Количество 3
CVE-2024-12911
A vulnerability in the `default_jsonalyzer` function of the `JSONalyzeQueryEngine` in the run-llama/llama_index repository allows for SQL injection via prompt injection. This can lead to arbitrary file creation and Denial-of-Service (DoS) attacks. The vulnerability affects the latest version and is fixed in version 0.5.1.
CVE-2024-12911
A vulnerability in the `default_jsonalyzer` function of the `JSONalyzeQueryEngine` in the run-llama/llama_index repository allows for SQL injection via prompt injection. This can lead to arbitrary file creation and Denial-of-Service (DoS) attacks. The vulnerability affects the latest version and is fixed in version 0.5.1.
GHSA-jmgm-gx32-vp4w
LlamaIndex vulnerable to Creation of Temporary File in Directory with Insecure Permissions
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-12911 A vulnerability in the `default_jsonalyzer` function of the `JSONalyzeQueryEngine` in the run-llama/llama_index repository allows for SQL injection via prompt injection. This can lead to arbitrary file creation and Denial-of-Service (DoS) attacks. The vulnerability affects the latest version and is fixed in version 0.5.1. | CVSS3: 7.1 | 0% Низкий | 11 месяцев назад |
 | CVE-2024-12911 A vulnerability in the `default_jsonalyzer` function of the `JSONalyzeQueryEngine` in the run-llama/llama_index repository allows for SQL injection via prompt injection. This can lead to arbitrary file creation and Denial-of-Service (DoS) attacks. The vulnerability affects the latest version and is fixed in version 0.5.1. | CVSS3: 7.1 | 0% Низкий | 11 месяцев назад |
| GHSA-jmgm-gx32-vp4w LlamaIndex vulnerable to Creation of Temporary File in Directory with Insecure Permissions | CVSS3: 7.1 | 0% Низкий | 11 месяцев назад |
Уязвимостей на страницу