llama-index vulnerabilities

Interface between LLMs and your data

0.13.4

2 years ago

1 days ago

Known vulnerabilities in the llama-index package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
M Expected Behavior Violation	[,0.12.41)
C Arbitrary File Write via Archive Extraction (Zip Slip)	[,0.12.41)
H Deserialization of Untrusted Data	[,0.12.41)
H Uncontrolled Recursion	[,0.12.38)
M Directory Traversal	[,0.12.41)
H Directory Traversal	[,0.12.28)
M Expected Behavior Violation	[,0.12.28)
H Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')	[,0.12.29)
H Improper Control of Generation of Code ('Code Injection')	[,0.10.38)
H Improper Control of Generation of Code ('Code Injection')	[0.9.47,0.10.13)
C Command Injection	[,0.10.24)
H Arbitrary Code Execution	[,0.9.5)

479 VERSIONS IN TOTAL See all versions