Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Denial of Service in run-llama/llama_index
Vulnerability Description
A vulnerability in the `KnowledgeBaseWebReader` class of the run-llama/llama_index repository, version latest, allows an attacker to cause a Denial of Service (DoS) by controlling a URL variable to contain the root URL. This leads to infinite recursive calls to the `get_article_urls` method, exhausting system resources and potentially crashing the application.
CVSS Information
N/A
Vulnerability Type
未经控制的递归
Vulnerability Title
LlamaIndex 安全漏洞
Vulnerability Description
LlamaIndex是LlamaIndex开源的一个 LLM 应用程序的数据框架。 LlamaIndex存在安全漏洞,该漏洞源于未验证URL,可能导致无限递归调用和拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A