A vulnerability was found in run-llama llama_index up to 0.10.12. It has been classified as critical. Affected is the function
RunGptLLM
. The manipulation leads to code injection.
This vulnerability is traded as CVE-2024-4181. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.