Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/07/07 8:47 p.m.9 views

CVE-2025-5472

A denial of service flaw was found in llamaindex. The JSONReader class does not properly handle deeply nested JSON data structures and may throw a RecursionError given certain data input. If left uncaught, this may cause the program to crash. Mitigation Mitigation for this issue is either not...

6.5CVSS6.3AI score0.00338EPSS
Exploits1References5
NVD
NVD
added 2025/07/07 10:15 a.m.8 views

CVE-2025-5472

The JSONReader in run-llama/llamaindex versions 0.12.28 is vulnerable to a stack overflow due to uncontrolled recursive JSON parsing. This vulnerability allows attackers to trigger a Denial of Service DoS by submitting deeply nested JSON structures, leading to a RecursionError and crashing...

6.5CVSS0.00338EPSS
Exploits1References2
CVE
CVE
added 2025/07/07 9:55 a.m.21 views

CVE-2025-5472

The CVE-2025-5472 entry concerns run-llama/llama_index’s JSONReader. Versions prior to 0.12.38 are vulnerable to a stack overflow/DoS via uncontrolled recursive JSON parsing when processing deeply nested structures. Root cause is unsafe recursive traversal with no depth validation, causing Recurs...

6.5CVSS6.5AI score0.00338EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2025/07/07 9:55 a.m.9 views

CVE-2025-5472 Denial of Service via Uncontrolled Recursive JSON Parsing in JSONReader in run-llama/llama_index

The JSONReader in run-llama/llamaindex versions 0.12.28 is vulnerable to a stack overflow due to uncontrolled recursive JSON parsing. This vulnerability allows attackers to trigger a Denial of Service DoS by submitting deeply nested JSON structures, leading to a RecursionError and crashing...

6.5CVSS0.00338EPSS
Exploits1References2
Rows per page
Query Builder