pysec-2024-192
Vulnerability from pysec
Published
2024-08-22 20:15
Modified
2025-01-19 13:22
Details
An issue was discovered in llama_index before 0.10.38. download/integration.py includes an exec call for import {cls_name}.
Aliases
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "llama-index",
"purl": "pkg:pypi/llama-index"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.10.38"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.10.0",
"0.10.1",
"0.10.10",
"0.10.11",
"0.10.12",
"0.10.13",
"0.10.13.post1",
"0.10.14",
"0.10.15",
"0.10.16",
"0.10.17",
"0.10.18",
"0.10.19",
"0.10.20",
"0.10.22",
"0.10.23",
"0.10.24",
"0.10.25",
"0.10.26",
"0.10.27",
"0.10.28",
"0.10.29",
"0.10.3",
"0.10.30",
"0.10.31",
"0.10.32",
"0.10.33",
"0.10.34",
"0.10.35",
"0.10.36",
"0.10.37",
"0.10.4",
"0.10.5",
"0.10.5a1",
"0.10.6",
"0.10.7",
"0.10.8",
"0.10.9",
"0.4.10",
"0.4.11",
"0.4.12",
"0.4.13",
"0.4.14",
"0.4.15",
"0.4.16",
"0.4.17",
"0.4.18",
"0.4.19",
"0.4.20",
"0.4.21",
"0.4.22",
"0.4.22.post1",
"0.4.23",
"0.4.24",
"0.4.25",
"0.4.26",
"0.4.27",
"0.4.28",
"0.4.29",
"0.4.30",
"0.4.31",
"0.4.32",
"0.4.33",
"0.4.34",
"0.4.35",
"0.4.35.post1",
"0.4.36",
"0.4.37",
"0.4.38",
"0.4.39",
"0.4.4",
"0.4.4.post1",
"0.4.4.post2",
"0.4.40",
"0.4.5",
"0.4.6",
"0.4.7",
"0.4.8",
"0.4.9",
"0.5.0",
"0.5.1",
"0.5.10",
"0.5.11",
"0.5.12",
"0.5.13",
"0.5.13.post1",
"0.5.15",
"0.5.16",
"0.5.17",
"0.5.17.post1",
"0.5.18",
"0.5.19",
"0.5.2",
"0.5.20",
"0.5.21",
"0.5.22",
"0.5.23",
"0.5.23.post1",
"0.5.25",
"0.5.26",
"0.5.27",
"0.5.3",
"0.5.4",
"0.5.5",
"0.5.6",
"0.5.7",
"0.5.8",
"0.5.9",
"0.6.0",
"0.6.0a1",
"0.6.0a2",
"0.6.0a3",
"0.6.0a4",
"0.6.0a5",
"0.6.0a6",
"0.6.0a7",
"0.6.1",
"0.6.10",
"0.6.10.post1",
"0.6.11",
"0.6.12",
"0.6.13",
"0.6.14",
"0.6.15",
"0.6.16",
"0.6.16.post1",
"0.6.17",
"0.6.18",
"0.6.19",
"0.6.2",
"0.6.20",
"0.6.21.post1",
"0.6.22",
"0.6.23",
"0.6.24",
"0.6.25",
"0.6.25.post1",
"0.6.26",
"0.6.27",
"0.6.28",
"0.6.29",
"0.6.30",
"0.6.31",
"0.6.32",
"0.6.33",
"0.6.34",
"0.6.34.post1",
"0.6.35",
"0.6.36",
"0.6.37",
"0.6.38",
"0.6.38.post1",
"0.6.4",
"0.6.5",
"0.6.6",
"0.6.7",
"0.6.8",
"0.6.9",
"0.7.0",
"0.7.1",
"0.7.10",
"0.7.10.post1",
"0.7.11",
"0.7.11.post1",
"0.7.12",
"0.7.13",
"0.7.14",
"0.7.15",
"0.7.16",
"0.7.17",
"0.7.18",
"0.7.19",
"0.7.2",
"0.7.20",
"0.7.21",
"0.7.22",
"0.7.23",
"0.7.24.post1",
"0.7.3",
"0.7.4",
"0.7.5",
"0.7.6",
"0.7.7",
"0.7.8",
"0.7.9",
"0.8.0",
"0.8.1",
"0.8.1.post1",
"0.8.10",
"0.8.10.post1",
"0.8.11",
"0.8.11.post1",
"0.8.11.post2",
"0.8.11.post3",
"0.8.12",
"0.8.13",
"0.8.14",
"0.8.15",
"0.8.16",
"0.8.17",
"0.8.18",
"0.8.19",
"0.8.2",
"0.8.2.post1",
"0.8.20",
"0.8.21",
"0.8.22",
"0.8.23",
"0.8.23.post1",
"0.8.24",
"0.8.24.post1",
"0.8.25",
"0.8.26",
"0.8.26.post1",
"0.8.27",
"0.8.28",
"0.8.28a1",
"0.8.29",
"0.8.29.post1",
"0.8.3",
"0.8.30",
"0.8.31",
"0.8.32",
"0.8.33",
"0.8.34",
"0.8.35",
"0.8.36",
"0.8.37",
"0.8.38",
"0.8.39",
"0.8.39.post2",
"0.8.4",
"0.8.40",
"0.8.41",
"0.8.42",
"0.8.43",
"0.8.43.post1",
"0.8.44",
"0.8.45",
"0.8.45.post1",
"0.8.46",
"0.8.47",
"0.8.48",
"0.8.49",
"0.8.5",
"0.8.5.post1",
"0.8.5.post2",
"0.8.50",
"0.8.51",
"0.8.51.post1",
"0.8.52",
"0.8.53",
"0.8.53.post3",
"0.8.54",
"0.8.55",
"0.8.56",
"0.8.57",
"0.8.58",
"0.8.59",
"0.8.6",
"0.8.61",
"0.8.62",
"0.8.63.post1",
"0.8.63.post2",
"0.8.64",
"0.8.64.post1",
"0.8.65",
"0.8.66",
"0.8.67",
"0.8.68",
"0.8.69",
"0.8.69.post1",
"0.8.69.post2",
"0.8.7",
"0.8.8",
"0.8.9",
"0.9.0",
"0.9.0.post1",
"0.9.0a1",
"0.9.0a2",
"0.9.0a3",
"0.9.1",
"0.9.10",
"0.9.10a1",
"0.9.10a2",
"0.9.11",
"0.9.11.post1",
"0.9.12",
"0.9.12a1",
"0.9.12a2",
"0.9.12a3",
"0.9.12a4",
"0.9.12a5",
"0.9.12a6",
"0.9.13",
"0.9.14",
"0.9.14.post1",
"0.9.14.post2",
"0.9.14.post3",
"0.9.15",
"0.9.15.post1",
"0.9.15.post2",
"0.9.16",
"0.9.16.dev1",
"0.9.16.dev2",
"0.9.16.post1",
"0.9.17",
"0.9.17.dev1",
"0.9.18",
"0.9.19",
"0.9.2",
"0.9.20",
"0.9.21",
"0.9.22",
"0.9.23",
"0.9.24",
"0.9.25",
"0.9.25.post1",
"0.9.25a1",
"0.9.25a2",
"0.9.26",
"0.9.27",
"0.9.28",
"0.9.28.post1",
"0.9.28.post2",
"0.9.29",
"0.9.3",
"0.9.3.post1",
"0.9.30",
"0.9.31",
"0.9.32",
"0.9.33",
"0.9.33a2",
"0.9.33a3",
"0.9.33a4",
"0.9.33a5",
"0.9.33a6",
"0.9.34",
"0.9.35",
"0.9.36",
"0.9.37",
"0.9.37.post1",
"0.9.38",
"0.9.39",
"0.9.4",
"0.9.40",
"0.9.41",
"0.9.42",
"0.9.42.post1",
"0.9.42.post2",
"0.9.43",
"0.9.44",
"0.9.45",
"0.9.45.post1",
"0.9.46",
"0.9.47",
"0.9.48",
"0.9.5",
"0.9.6",
"0.9.6.post1",
"0.9.6.post2",
"0.9.7",
"0.9.8",
"0.9.8.post1",
"0.9.9"
]
}
],
"aliases": [
"CVE-2024-45201"
],
"details": "An issue was discovered in llama_index before 0.10.38. download/integration.py includes an exec call for import {cls_name}.",
"id": "PYSEC-2024-192",
"modified": "2025-01-19T13:22:29.175614+00:00",
"published": "2024-08-22T20:15:10+00:00",
"references": [
{
"type": "WEB",
"url": "https://github.com/run-llama/llama_index/compare/v0.10.37...v0.10.38"
},
{
"type": "WEB",
"url": "https://github.com/run-llama/llama_index/pull/13523"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.