CRITICAL🇵🇱 Wersja polska

CVE-2024-23751

CVSS 9.8v3.1pub. 2024-01-22upd. 2025-06-20

LlamaIndex (aka llama_index) through 0.9.34 allows SQL injection via the Text-to-SQL feature in NLSQLTableQueryEngine, SQLTableRetrieverQueryEngine, NLSQLRetriever, RetrieverQueryEngine, and PGVectorSQLQueryEngine. For example, an attacker might be able to delete this year's student records via "Drop the Students table" within English language input.

🤖 AI Analysis
How it works

The Text-to-SQL function in the NLSQLTableQueryEngine, SQLTableRetrieverQueryEngine, NLSQLRetriever, RetrieverQueryEngine, and PGVectorSQLQueryEngine components processes user input in natural language and converts it to SQL queries without proper sanitization. An attacker can formulate a command in English, such as 'Drop the Students table', which will be translated literally into a destructive SQL query and executed on the database. The lack of input validation and neutralization enables the injection of malicious SQL instructions through the natural language interface.

Impact

An unauthenticated attacker without requiring specialized technical knowledge can read, modify, or permanently delete data from the database, threatening the confidentiality, integrity, and availability of stored information.

Mitigation & patch

The LlamaIndex library should be updated to a version newer than 0.9.34 and patches available from the vendor should be applied according to the references. Additionally, it is recommended to restrict the privileges of the database account used by the application to the minimum necessary (principle of least privilege).

Who is affected

LlamaIndex (llama_index) in versions up to and including 0.9.34, using the components: NLSQLTableQueryEngine, SQLTableRetrieverQueryEngine, NLSQLRetriever, RetrieverQueryEngine, PGVectorSQLQueryEngine.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Llamaindex

    APP
    Llamaindex
    ≤ 0.9.34
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
SQLi
CWE
References

Related vulnerabilities

CVE-2025-1793CRITICAL9.8PL ✓ten sam produkt

SQL injection w LlamaIndex — nieautoryzowany dostęp do danych przez integracje vector store

CVE-2025-1750CRITICAL9.8PL ✓ten sam produkt

SQL Injection w DuckDBVectorStore umożliwiający RCE (LlamaIndex)

CVE-2024-12909CRITICAL9.8PL ✓ten sam produkt

SQL Injection i RCE w FinanceChatLlamaPack biblioteki LlamaIndex

CVE-2024-11958CRITICAL9.8PL ✓ten sam produkt

SQL Injection umożliwiający RCE w komponencie duckdb_retriever biblioteki LlamaIndex

CVE-2024-3271CRITICAL9.8PL ✓ten sam produkt

Command injection w LlamaIndex — obejście safe_eval umożliwia RCE