A vulnerability was found in run-llama llama_index up to 0.12.40. It has been classified as problematic. This affects the function
encode_image
of the file generic_utils.py. The manipulation leads to path traversal: ‘..filename’.
This vulnerability is uniquely identified as CVE-2025-6209. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.