Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Denial of Service (DOS) in JSONReader in run-llama/llama_index
Vulnerability Description
A denial of service vulnerability exists in the JSONReader component of the run-llama/llama_index repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth limit. This results in high resource consumption and potential crashes of the Python process. The issue is resolved in version 0.12.38.
CVSS Information
N/A
Vulnerability Type
未经控制的递归
Vulnerability Title
LlamaIndex 安全漏洞
Vulnerability Description
LlamaIndex是LlamaIndex开源的一个 LLM 应用程序的数据框架。 LlamaIndex v0.12.37版本存在安全漏洞,该漏洞源于JSONReader组件解析深度嵌套JSON文件时递归不受控制,可能导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A