CVE-2024-3271 | run-llama llama_index up to 10.25 safe_eval command injection

Posted by Angelo Barbosa | Apr 16, 2024 | CVE

A vulnerability was found in run-llama llama_index up to 10.25. It has been declared as very critical. This vulnerability affects the function safe_eval. The manipulation leads to command injection.

This vulnerability was named CVE-2024-3271. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-3271 | run-llama llama_index up to 10.25 safe_eval command injection

Related Posts

CVE-2024-30280 | Adobe Acrobat Pro DC AcroForm Annotation out-of-bounds

CVE-2024-27743 | Petrol Pump Management Software 1.0 add_invoices.php Address cross site scripting

CVE-2024-38222 | Microsoft Edge information disclosure

CVE-2023-48683 | Acronis Cyber Protect Cloud Agent prior 37758 authorization