Latest version: v0.12.27
| CVE/PVE | Vulnerability ID | Advisory | Affected versions | Severity | Severity Score |
|---|---|---|---|---|---|
| CVE-2024-23751 | 66694 |
LlamaIndex (aka llama_index) through 0.9.34 allows SQL injection via … |
|
CRITICAL | 9.8 |
| CVE-2023-39662 | 65039 |
An issue in llama_index v.0.7.13 and before allows a remote attacker … |
|
CRITICAL | 9.8 |
| CVE-2024-12910 | 76255 |
A vulnerability in the KnowledgeBaseWebReader class of the run-llama/… |
|
MEDIUM | 5.9 |
| CVE-2024-12704 | 76267 |
A vulnerability in the LangChainLLM class of the run-llama/llamaindex… |
|
- | - |
| CVE-2024-12909 | 76258 |
A vulnerability in the FinanceChatLlamaPack of the run-llama/llama_in… |
|
- | - |
| CVE-2024-12911 | 76254 |
A vulnerability in the default_jsonalyzer function of the JSONalyzeQu… |
|
- | - |
| CVE-2024-4181 | 71793 |
A command injection vulnerability exists in the RunGptLLM class of th… |
|
- | - |