CVE-2024-3098 | run-llama llama_index up to 0.10.23 exec_utils code injection

Posted by Angelo Barbosa | Apr 10, 2024 | CVE

A vulnerability has been found in run-llama llama_index up to 0.10.23 and classified as critical. This vulnerability affects the function exec_utils. The manipulation leads to code injection.

This vulnerability was named CVE-2024-3098. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-3098 | run-llama llama_index up to 0.10.23 exec_utils code injection

Related Posts

CVE-2024-2451 | TeamViewer Remote Full Client/Remote Host prior 15.54 signature verification

CVE-2024-20271 | Cisco Aironet Access Point IPv4 Packet denial of service (cisco-sa-ap-dos-h9TGGX6W)

CVE-2024-42676 | Huizhi Enterprise Resource Management System up to 1.0 DNPageAjaxPostBack /nssys/common/Upload unrestricted upload

CVE-2024-2723 | Ciges CIGESv2 ajaxSubServicios.php idServicio sql injection