10 matches found
EUVD-2025-25708
Malicious code in bioql PyPI...
CVE-2025-5302
A flaw was found in the JSONReader component of the llamaindex Python package, where the depthfirstyield function has no limit on the recursive number of times it is called. This vulnerability causes Python to reach its maximum recursive depth when parsing deeply nested JSON files. The program...
LlamaIndex affected by a Denial of Service (DOS) in JSONReader
A denial of service vulnerability exists in the JSONReader component of the run-llama/llamaindex repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth...
GHSA-7753-XRFW-CH36 LlamaIndex affected by a Denial of Service (DOS) in JSONReader
A denial of service vulnerability exists in the JSONReader component of the run-llama/llamaindex repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth...
CVE-2025-5302
A denial of service vulnerability exists in the JSONReader component of the run-llama/llamaindex repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth...
CVE-2025-5302
The CVE-2025-5302 affects the JSONReader in run-llama/llama_index v0.12.37, where unconstrained recursion on deeply nested JSON can exhaust Python recursion depth, causing high CPU/memory use and potential DoS. The issue is resolved in v0.12.38. Remediation: upgrade llama_index to 0.12.38 or late...
CVE-2025-5302 Denial of Service (DOS) in JSONReader in run-llama/llama_index
A denial of service vulnerability exists in the JSONReader component of the run-llama/llamaindex repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth...
CVE-2025-5302 Denial of Service (DOS) in JSONReader in run-llama/llama_index
A denial of service vulnerability exists in the JSONReader component of the run-llama/llamaindex repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth...
LlamaIndex 安全漏洞
LlamaIndex is a data framework for LLM applications from the LlamaIndex open source. A security vulnerability exists in LlamaIndex version v0.12.37, which stems from an uncontrolled recursion when parsing deeply nested JSON files by the JSONReader component, which could lead to a denial of servic...
PT-2025-34665 · Run Llama · Llama Index
Name of the Vulnerable Software and Affected Versions: run-llama/llama index versions prior to 0.12.38 Description: A denial of service issue exists in the JSONReader component. The issue is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting i...