pysec-2024-192
Vulnerability from pysec
Published: 2024-08-22 20:15
Modified: 2025-01-19 13:22
Details

An issue was discovered in llama_index before 0.10.38. download/integration.py includes an exec call for import {cls_name}.

Impacted products
Name: llama-index
purl: pkg:pypi/llama-index
Aliases: CVE-2024-45201



{
   affected: [
      {
         package: {
            ecosystem: "PyPI",
            name: "llama-index",
            purl: "pkg:pypi/llama-index",
         },
         ranges: [
            {
               events: [
                  {
                     introduced: "0",
                  },
                  {
                     fixed: "0.10.38",
                  },
               ],
               type: "ECOSYSTEM",
            },
         ],
         versions: [
            "0.10.0",
            "0.10.1",
            "0.10.10",
            "0.10.11",
            "0.10.12",
            "0.10.13",
            "0.10.13.post1",
            "0.10.14",
            "0.10.15",
            "0.10.16",
            "0.10.17",
            "0.10.18",
            "0.10.19",
            "0.10.20",
            "0.10.22",
            "0.10.23",
            "0.10.24",
            "0.10.25",
            "0.10.26",
            "0.10.27",
            "0.10.28",
            "0.10.29",
            "0.10.3",
            "0.10.30",
            "0.10.31",
            "0.10.32",
            "0.10.33",
            "0.10.34",
            "0.10.35",
            "0.10.36",
            "0.10.37",
            "0.10.4",
            "0.10.5",
            "0.10.5a1",
            "0.10.6",
            "0.10.7",
            "0.10.8",
            "0.10.9",
            "0.4.10",
            "0.4.11",
            "0.4.12",
            "0.4.13",
            "0.4.14",
            "0.4.15",
            "0.4.16",
            "0.4.17",
            "0.4.18",
            "0.4.19",
            "0.4.20",
            "0.4.21",
            "0.4.22",
            "0.4.22.post1",
            "0.4.23",
            "0.4.24",
            "0.4.25",
            "0.4.26",
            "0.4.27",
            "0.4.28",
            "0.4.29",
            "0.4.30",
            "0.4.31",
            "0.4.32",
            "0.4.33",
            "0.4.34",
            "0.4.35",
            "0.4.35.post1",
            "0.4.36",
            "0.4.37",
            "0.4.38",
            "0.4.39",
            "0.4.4",
            "0.4.4.post1",
            "0.4.4.post2",
            "0.4.40",
            "0.4.5",
            "0.4.6",
            "0.4.7",
            "0.4.8",
            "0.4.9",
            "0.5.0",
            "0.5.1",
            "0.5.10",
            "0.5.11",
            "0.5.12",
            "0.5.13",
            "0.5.13.post1",
            "0.5.15",
            "0.5.16",
            "0.5.17",
            "0.5.17.post1",
            "0.5.18",
            "0.5.19",
            "0.5.2",
            "0.5.20",
            "0.5.21",
            "0.5.22",
            "0.5.23",
            "0.5.23.post1",
            "0.5.25",
            "0.5.26",
            "0.5.27",
            "0.5.3",
            "0.5.4",
            "0.5.5",
            "0.5.6",
            "0.5.7",
            "0.5.8",
            "0.5.9",
            "0.6.0",
            "0.6.0a1",
            "0.6.0a2",
            "0.6.0a3",
            "0.6.0a4",
            "0.6.0a5",
            "0.6.0a6",
            "0.6.0a7",
            "0.6.1",
            "0.6.10",
            "0.6.10.post1",
            "0.6.11",
            "0.6.12",
            "0.6.13",
            "0.6.14",
            "0.6.15",
            "0.6.16",
            "0.6.16.post1",
            "0.6.17",
            "0.6.18",
            "0.6.19",
            "0.6.2",
            "0.6.20",
            "0.6.21.post1",
            "0.6.22",
            "0.6.23",
            "0.6.24",
            "0.6.25",
            "0.6.25.post1",
            "0.6.26",
            "0.6.27",
            "0.6.28",
            "0.6.29",
            "0.6.30",
            "0.6.31",
            "0.6.32",
            "0.6.33",
            "0.6.34",
            "0.6.34.post1",
            "0.6.35",
            "0.6.36",
            "0.6.37",
            "0.6.38",
            "0.6.38.post1",
            "0.6.4",
            "0.6.5",
            "0.6.6",
            "0.6.7",
            "0.6.8",
            "0.6.9",
            "0.7.0",
            "0.7.1",
            "0.7.10",
            "0.7.10.post1",
            "0.7.11",
            "0.7.11.post1",
            "0.7.12",
            "0.7.13",
            "0.7.14",
            "0.7.15",
            "0.7.16",
            "0.7.17",
            "0.7.18",
            "0.7.19",
            "0.7.2",
            "0.7.20",
            "0.7.21",
            "0.7.22",
            "0.7.23",
            "0.7.24.post1",
            "0.7.3",
            "0.7.4",
            "0.7.5",
            "0.7.6",
            "0.7.7",
            "0.7.8",
            "0.7.9",
            "0.8.0",
            "0.8.1",
            "0.8.1.post1",
            "0.8.10",
            "0.8.10.post1",
            "0.8.11",
            "0.8.11.post1",
            "0.8.11.post2",
            "0.8.11.post3",
            "0.8.12",
            "0.8.13",
            "0.8.14",
            "0.8.15",
            "0.8.16",
            "0.8.17",
            "0.8.18",
            "0.8.19",
            "0.8.2",
            "0.8.2.post1",
            "0.8.20",
            "0.8.21",
            "0.8.22",
            "0.8.23",
            "0.8.23.post1",
            "0.8.24",
            "0.8.24.post1",
            "0.8.25",
            "0.8.26",
            "0.8.26.post1",
            "0.8.27",
            "0.8.28",
            "0.8.28a1",
            "0.8.29",
            "0.8.29.post1",
            "0.8.3",
            "0.8.30",
            "0.8.31",
            "0.8.32",
            "0.8.33",
            "0.8.34",
            "0.8.35",
            "0.8.36",
            "0.8.37",
            "0.8.38",
            "0.8.39",
            "0.8.39.post2",
            "0.8.4",
            "0.8.40",
            "0.8.41",
            "0.8.42",
            "0.8.43",
            "0.8.43.post1",
            "0.8.44",
            "0.8.45",
            "0.8.45.post1",
            "0.8.46",
            "0.8.47",
            "0.8.48",
            "0.8.49",
            "0.8.5",
            "0.8.5.post1",
            "0.8.5.post2",
            "0.8.50",
            "0.8.51",
            "0.8.51.post1",
            "0.8.52",
            "0.8.53",
            "0.8.53.post3",
            "0.8.54",
            "0.8.55",
            "0.8.56",
            "0.8.57",
            "0.8.58",
            "0.8.59",
            "0.8.6",
            "0.8.61",
            "0.8.62",
            "0.8.63.post1",
            "0.8.63.post2",
            "0.8.64",
            "0.8.64.post1",
            "0.8.65",
            "0.8.66",
            "0.8.67",
            "0.8.68",
            "0.8.69",
            "0.8.69.post1",
            "0.8.69.post2",
            "0.8.7",
            "0.8.8",
            "0.8.9",
            "0.9.0",
            "0.9.0.post1",
            "0.9.0a1",
            "0.9.0a2",
            "0.9.0a3",
            "0.9.1",
            "0.9.10",
            "0.9.10a1",
            "0.9.10a2",
            "0.9.11",
            "0.9.11.post1",
            "0.9.12",
            "0.9.12a1",
            "0.9.12a2",
            "0.9.12a3",
            "0.9.12a4",
            "0.9.12a5",
            "0.9.12a6",
            "0.9.13",
            "0.9.14",
            "0.9.14.post1",
            "0.9.14.post2",
            "0.9.14.post3",
            "0.9.15",
            "0.9.15.post1",
            "0.9.15.post2",
            "0.9.16",
            "0.9.16.dev1",
            "0.9.16.dev2",
            "0.9.16.post1",
            "0.9.17",
            "0.9.17.dev1",
            "0.9.18",
            "0.9.19",
            "0.9.2",
            "0.9.20",
            "0.9.21",
            "0.9.22",
            "0.9.23",
            "0.9.24",
            "0.9.25",
            "0.9.25.post1",
            "0.9.25a1",
            "0.9.25a2",
            "0.9.26",
            "0.9.27",
            "0.9.28",
            "0.9.28.post1",
            "0.9.28.post2",
            "0.9.29",
            "0.9.3",
            "0.9.3.post1",
            "0.9.30",
            "0.9.31",
            "0.9.32",
            "0.9.33",
            "0.9.33a2",
            "0.9.33a3",
            "0.9.33a4",
            "0.9.33a5",
            "0.9.33a6",
            "0.9.34",
            "0.9.35",
            "0.9.36",
            "0.9.37",
            "0.9.37.post1",
            "0.9.38",
            "0.9.39",
            "0.9.4",
            "0.9.40",
            "0.9.41",
            "0.9.42",
            "0.9.42.post1",
            "0.9.42.post2",
            "0.9.43",
            "0.9.44",
            "0.9.45",
            "0.9.45.post1",
            "0.9.46",
            "0.9.47",
            "0.9.48",
            "0.9.5",
            "0.9.6",
            "0.9.6.post1",
            "0.9.6.post2",
            "0.9.7",
            "0.9.8",
            "0.9.8.post1",
            "0.9.9",
         ],
      },
   ],
   aliases: [
      "CVE-2024-45201",
   ],
   details: "An issue was discovered in llama_index before 0.10.38. download/integration.py includes an exec call for import {cls_name}.",
   id: "PYSEC-2024-192",
   modified: "2025-01-19T13:22:29.175614+00:00",
   published: "2024-08-22T20:15:10+00:00",
   references: [
      {
         type: "WEB",
         url: "https://github.com/run-llama/llama_index/compare/v0.10.37...v0.10.38",
      },
      {
         type: "WEB",
         url: "https://github.com/run-llama/llama_index/pull/13523",
      },
   ],
}

