12 matches found
EUVD-2025-20218
Malicious code in bioql PyPI...
The vulnerability of the ArxivReader framework for working with Large Language Models (LLMs) like LlamaIndex allows attackers to compromise the integrity of protected information.
The vulnerability of the ArxivReader framework for working with Large Language Models LLMs like LlamaIndex is related to a violation of expected behavior. Exploiting this vulnerability could allow an attacker to compromise the integrity of the protected information...
GHSA-P7J4-JWJF-5X9W LlamaIndex vulnerability in ArxivReader class can cause MD5 hash collisions
A vulnerability in the ArxivReader class of the run-llama/llamaindex repository allows for MD5 hash collisions when generating filenames for downloaded papers. This can lead to data loss as papers with identical titles but different contents may overwrite each other, preventing some papers from...
LlamaIndex vulnerability in ArxivReader class can cause MD5 hash collisions
A vulnerability in the ArxivReader class of the run-llama/llamaindex repository allows for MD5 hash collisions when generating filenames for downloaded papers. This can lead to data loss as papers with identical titles but different contents may overwrite each other, preventing some papers from...
Expected Behavior Violation
Overview llama-index is an Interface between LLMs and your data Affected versions of this package are vulnerable to Expected Behavior Violation via the ArxivReader process. An attacker can cause data loss by uploading papers with identical titles but different contents, resulting in one paper...
CVE-2025-3044
A vulnerability in the ArxivReader class of the run-llama/llamaindex repository, versions up to v0.12.22.post1, allows for MD5 hash collisions when generating filenames for downloaded papers. This can lead to data loss as papers with identical titles but different contents may overwrite each othe...
CVE-2025-3044
A vulnerability in the ArxivReader class of the run-llama/llamaindex repository, versions up to v0.12.22.post1, allows for MD5 hash collisions when generating filenames for downloaded papers. This can lead to data loss as papers with identical titles but different contents may overwrite each othe...
CVE-2025-3044 MD5 Hash Collision in run-llama/llama_index
A vulnerability in the ArxivReader class of the run-llama/llamaindex repository, versions up to v0.12.22.post1, allows for MD5 hash collisions when generating filenames for downloaded papers. This can lead to data loss as papers with identical titles but different contents may overwrite each othe...
CVE-2025-3044
The CVE-2025-3044 affects the ArxivReader class in the llama_index project. Versions up to v0.12.22.post1 are vulnerable to MD5 hash collisions when generating filenames for downloaded papers, which can cause papers with identical titles but different contents to overwrite each other, leading to ...
CVE-2025-3044 MD5 Hash Collision in run-llama/llama_index
A vulnerability in the ArxivReader class of the run-llama/llamaindex repository, versions up to v0.12.22.post1, allows for MD5 hash collisions when generating filenames for downloaded papers. This can lead to data loss as papers with identical titles but different contents may overwrite each othe...
PT-2025-28148 · Unknown · Llama Index
Name of the Vulnerable Software and Affected Versions: llama index versions up to v0.12.22.post1 Description: A vulnerability in the ArxivReader class allows for MD5 hash collisions when generating filenames for downloaded papers. This can lead to data loss as papers with identical titles but...
MD5 Hash Collision Causes Overwriting of Papers with the Same Title, Leading to Data Loss
Description The ArxivReader class in LlamaIndex is responsible for searching for papers on ArXiv, downloading them, and processing them for AI model training. The workflow of ArxivReader is as follows: 1. The user searches for a specific topic on ArXiv, retrieving a list of relevant papers. impor...