6 matches found
CVE-2025-1753
LLama-Index CLI version v0.12.20 contains an OS command injection vulnerability. The vulnerability arises from the improper handling of the --files argument, which is directly passed into os.system. An attacker who controls the content of this argument can inject and execute arbitrary shell...
CVE-2025-1753
creationtimestamp| type| source ---|---|--- 2025-05-28 09:56:02+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lq7wr5q552c2 2025-05-28 12:02:14+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114585353170777810 2025-05-28...
CVE-2025-1753 Command Injection in LLama-Index CLI in run-llama/llama_index
LLama-Index CLI version v0.12.20 contains an OS command injection vulnerability. The vulnerability arises from the improper handling of the --files argument, which is directly passed into os.system. An attacker who controls the content of this argument can inject and execute arbitrary shell...
CVE-2025-1753
CVE-2025-1753 affects the LLama-Index CLI version v0.12.20. The vulnerability stems from the improper handling of the --files argument, which is directly passed into os.system, enabling an attacker who controls the content of this argument to inject and execute arbitrary shell commands. Impact ca...
CVE-2025-1753 Command Injection in LLama-Index CLI in run-llama/llama_index
LLama-Index CLI version v0.12.20 contains an OS command injection vulnerability. The vulnerability arises from the improper handling of the --files argument, which is directly passed into os.system. An attacker who controls the content of this argument can inject and execute arbitrary shell...
airunner (>=3.0.0 <=3.1.7), athina (>=1.7.0 <=1.7.39) +26 more potentially affected by CVE-2025-1753 via llama-index-cli (>=0.1.13 <=0.4.0)
llama-index-cli PYPI version =0.1.13, =3.0.0, =1.7.0, =0.1.3, =0.1.169, =0.1.0, =0.3.0, =0.0.52, =1.0.9, =1.0.3.post1, =0.1.2, =0.1.7.dev20240924104148, =0.11.0, =0.11.23 - llama-index-callbacks-honeyhive =0.2.0 - llama-index-collection =0.2.0 and more Source cves: CVE-2025-1753 Source advisory:...