Lucene search
K

6 matches found

NVD
NVD
added 2025/05/28 10:15 a.m.15 views

CVE-2025-1753

LLama-Index CLI version v0.12.20 contains an OS command injection vulnerability. The vulnerability arises from the improper handling of the --files argument, which is directly passed into os.system. An attacker who controls the content of this argument can inject and execute arbitrary shell...

7.8CVSS0.0103EPSS
Exploits1References2
Circl
Circl
added 2025/05/28 9:56 a.m.20 views

CVE-2025-1753

creationtimestamp| type| source ---|---|--- 2025-05-28 09:56:02+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lq7wr5q552c2 2025-05-28 12:02:14+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114585353170777810 2025-05-28...

7.8CVSS7.6AI score0.0103EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/05/28 9:34 a.m.15 views

CVE-2025-1753 Command Injection in LLama-Index CLI in run-llama/llama_index

LLama-Index CLI version v0.12.20 contains an OS command injection vulnerability. The vulnerability arises from the improper handling of the --files argument, which is directly passed into os.system. An attacker who controls the content of this argument can inject and execute arbitrary shell...

7.8CVSS8.2AI score0.0103EPSS
Exploits1References2
CVE
CVE
added 2025/05/28 9:34 a.m.80 views

CVE-2025-1753

CVE-2025-1753 affects the LLama-Index CLI version v0.12.20. The vulnerability stems from the improper handling of the --files argument, which is directly passed into os.system, enabling an attacker who controls the content of this argument to inject and execute arbitrary shell commands. Impact ca...

7.8CVSS8.4AI score0.0103EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2025/05/28 9:34 a.m.23 views

CVE-2025-1753 Command Injection in LLama-Index CLI in run-llama/llama_index

LLama-Index CLI version v0.12.20 contains an OS command injection vulnerability. The vulnerability arises from the improper handling of the --files argument, which is directly passed into os.system. An attacker who controls the content of this argument can inject and execute arbitrary shell...

7.8CVSS0.0103EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2025/05/28 9:34 a.m.5 views

airunner (>=3.0.0 <=3.1.7), athina (>=1.7.0 <=1.7.39) +26 more potentially affected by CVE-2025-1753 via llama-index-cli (>=0.1.13 <=0.4.0)

llama-index-cli PYPI version =0.1.13, =3.0.0, =1.7.0, =0.1.3, =0.1.169, =0.1.0, =0.3.0, =0.0.52, =1.0.9, =1.0.3.post1, =0.1.2, =0.1.7.dev20240924104148, =0.11.0, =0.11.23 - llama-index-callbacks-honeyhive =0.2.0 - llama-index-collection =0.2.0 and more Source cves: CVE-2025-1753 Source advisory:...

7.8CVSS7AI score0.0103EPSS
Exploits1
Rows per page
Query Builder