Lucene search
+L

10 matches found

NVD
NVD
added 2026/06/30 5:16 p.m.9 views

CVE-2026-49451

The OpenAPI.NET SDK contains a useful object model for OpenAPI documents in .NET along with common serializers to extract raw OpenAPI JSON and YAML documents from the model. From 2.0.0-preview11 until 2.7.5 and 3.5.4, a small OpenAPI document containing a circular schema reference can cause proce...

7.5CVSS0.00695EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 4:1 p.m.203 views

CVE-2026-49451

The issue affects the OpenAPI.NET SDK used for OpenAPI document parsing in .NET. A circular schema reference in a small OpenAPI document can cause process termination via stack overflow when using public OpenAPI.NET reader APIs, applicable to both JSON and YAML paths. Affected versions range from...

7.5CVSS5.8AI score0.00695EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/06/30 3:56 p.m.14 views

Microsoft.OpenAPI: Circular schema references may terminate OpenAPI parsing

Impact A small OpenAPI document containing a circular schema reference can cause process termination through stack overflow in Microsoft.OpenApi. The issue affects OpenAPI document parsing through public OpenAPI.NET reader APIs and has been confirmed across both JSON and YAML reader paths. Affect...

7.5CVSS6.2AI score0.00695EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/08/27 3:11 p.m.5 views

CVE-2025-5302

A flaw was found in the JSONReader component of the llamaindex Python package, where the depthfirstyield function has no limit on the recursive number of times it is called. This vulnerability causes Python to reach its maximum recursive depth when parsing deeply nested JSON files. The program...

8.6CVSS8.2AI score0.0026EPSS
Exploits0References5
OSV
OSV
added 2025/08/26 12:31 a.m.3 views

GHSA-7753-XRFW-CH36 LlamaIndex affected by a Denial of Service (DOS) in JSONReader

A denial of service vulnerability exists in the JSONReader component of the run-llama/llamaindex repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth...

8.6CVSS5.9AI score0.0026EPSS
Exploits0References4
Snyk
Snyk
added 2025/08/25 3:41 p.m.1 views

Uncontrolled Recursion

Overview llama-index-core is an Interface between LLMs and your data Affected versions of this package are vulnerable to Uncontrolled Recursion via the JSONReader component. An attacker can cause excessive resource consumption and crash the process by submitting deeply nested JSON files...

8.8CVSS7AI score0.0026EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/25 3:3 p.m.1 views

CVE-2025-5302 Denial of Service (DOS) in JSONReader in run-llama/llama_index

A denial of service vulnerability exists in the JSONReader component of the run-llama/llamaindex repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth...

8.6CVSS8.3AI score0.0026EPSS
Exploits0References2
OSV
OSV
added 2025/08/25 3:3 p.m.2 views

CVE-2025-5302 Denial of Service (DOS) in JSONReader in run-llama/llama_index

A denial of service vulnerability exists in the JSONReader component of the run-llama/llamaindex repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth...

8.6CVSS7.2AI score0.0026EPSS
Exploits0References4
Snyk
Snyk
added 2025/07/07 10:44 a.m.6 views

Uncontrolled Recursion

Overview llama-index is an Interface between LLMs and your data Affected versions of this package are vulnerable to Uncontrolled Recursion via the JSONReader process. An attacker can cause the application to crash by submitting deeply nested JSON structures, resulting in a stack overflow and...

7.1CVSS7.2AI score0.00338EPSS
Exploits1References2
Huntr
Huntr
added 2025/05/27 3:2 p.m.8 views

Denial of Service(DOS) in JSONReader

Description There exists a denial of service vulnerabilityDOS that occurs by python hitting max recursion depth while parsing a deeply nested json file using JSONReader. Vulnerable piece of code...

8.6CVSS7.1AI score0.0026EPSS
Exploits0
Rows per page
Query Builder