CVE-2025-1752 | run-llama llama_index up to 0.3.5 KnowledgeBaseWebReader get_article_urls max_depth resource consumption

Inserito da Angelo Barbosa | Mag 10, 2025 | CVE

A vulnerability classified as critical was found in run-llama llama_index up to 0.3.5. Affected by this vulnerability is the function get_article_urls of the component KnowledgeBaseWebReader. The manipulation of the argument max_depth leads to resource consumption.

This vulnerability is known as CVE-2025-1752. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-1752 | run-llama llama_index up to 0.3.5 KnowledgeBaseWebReader get_article_urls max_depth resource consumption

Post correlati

CVE-2024-48871 | Planet Technology Planet WGS-804HPT 1.305b210531 HTTP Request stack-based overflow (icsa-24-340-02)

CVE-2024-53218 | Linux Kernel up to 6.6.63/6.11.10/6.12.1 f2fs_stop_gc_thread use after free

CVE-2024-9687 | WP 2FA with Telegram Plugin up to 3.0 on WordPress improper authentication

CVE-2025-25617 | Unifiedtransform 2.x Syllabus access control