The vulnerability of the get_article_urls() function in the KnowledgeBaseWebReader class of the LlamaIndex framework for working with large language models allows a attacker to trigger a service denial.

The vulnerability of the getarticleurls function in the KnowledgeBaseWebReader class of the LlamaIndex framework, which is used for working with large language models, is related to an uncontrolled resource consumption when processing the maxdepth parameter. Exploiting this vulnerability could...

Uncontrolled Recursion

Overview llama-index-readers-web is a llama-index readers web integration Affected versions of this package are vulnerable to Uncontrolled Recursion due to improper handling of the maxdepth parameter in the getarticleurls function. An attacker can exhaust system resources and crash the applicatio...