CRITICAL🇵🇱 Wersja polska

CVE-2024-3271

CVSS 9.8v3.0pub. 2024-04-16upd. 2025-07-30

A command injection vulnerability exists in the run-llama/llama_index repository, specifically within the safe_eval function. Attackers can bypass the intended security mechanism, which checks for the presence of underscores in code generated by LLM, to execute arbitrary code. This is achieved by crafting input that does not contain an underscore but still results in the execution of OS commands. The vulnerability allows for remote code execution (RCE) on the server hosting the application.

🤖 AI Analysis
How it works

The safe_eval function implements a security mechanism that checks whether code generated by the LLM model contains underscores. An attacker can craft input data that does not contain underscores but still leads to operating system command execution — effectively bypassing this control. The vulnerability is accessible remotely, without requiring authentication or user interaction (vector AV:N, PR:N, UI:N).

Impact

An attacker gains the ability to execute arbitrary code remotely (RCE) on the server, which may lead to complete system compromise, data theft, and violation of service integrity and availability.

Mitigation & patch

Update the LlamaIndex library to a version containing commit 5fbcb5a8b9f20f81b791c7fc8849e352613ab475 or later. Details are available in vendor references and on the huntr.com platform.

Who is affected

The run-llama/llama_index library — versions indicated in vendor references (fix commit: 5fbcb5a8b9f20f81b791c7fc8849e352613ab475)

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Llamaindex

    APP
    Llamaindex
    0.10.6 – 0.10.26 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2025-1793CRITICAL9.8PL ✓ten sam produkt

SQL injection w LlamaIndex — nieautoryzowany dostęp do danych przez integracje vector store

CVE-2025-1750CRITICAL9.8PL ✓ten sam produkt

SQL Injection w DuckDBVectorStore umożliwiający RCE (LlamaIndex)

CVE-2024-12909CRITICAL9.8PL ✓ten sam produkt

SQL Injection i RCE w FinanceChatLlamaPack biblioteki LlamaIndex

CVE-2024-11958CRITICAL9.8PL ✓ten sam produkt

SQL Injection umożliwiający RCE w komponencie duckdb_retriever biblioteki LlamaIndex

CVE-2024-23751CRITICAL9.8PL ✓ten sam produkt

SQL injection w LlamaIndex przez funkcję Text-to-SQL