1 matches found
Command Injection
llamaindex is vulnerable to a Command Injection. The vulnerability is due to unsafe usage of the eval function, allowing a malicious or compromised LLM hosting provider to execute arbitrary commands on the client's machine...