4 matches found
Code Injection
llama-index-core is vulnerable to Code Injection. The vulnerability is due to insufficient input validation within the safeeval function in the executils class, which allows an attacker to bypass method restrictions resulting in unauthorized code execution...
CVE-2024-3098
A vulnerability was identified in the executils class of the llamaindex package, specifically within the safeeval function, allowing for prompt injection leading to arbitrary code execution. This issue arises due to insufficient validation of input, which can be exploited to bypass method...
CVE-2024-3098 Prompt Injection leading to Arbitrary Code Execution in run-llama/llama_index
A vulnerability was identified in the executils class of the llamaindex package, specifically within the safeeval function, allowing for prompt injection leading to arbitrary code execution. This issue arises due to insufficient validation of input, which can be exploited to bypass method...
CVE-2024-3098 Prompt Injection leading to Arbitrary Code Execution in run-llama/llama_index
A vulnerability was identified in the executils class of the llamaindex package, specifically within the safeeval function, allowing for prompt injection leading to arbitrary code execution. This issue arises due to insufficient validation of input, which can be exploited to bypass method...