Vulnerability	Vulnerable Version
H Improper Control of Generation of Code ('Code Injection') dsfsdf llama-index is an Interface between LLMs and your data Affected versions of this package are vulnerable to Improper Control of Generation of Code ('Code Injection') through the `exec` call in the `download/integration.py` script. An attacker can execute arbitrary code by injecting malicious input into the `cls_name` variable used in the exec call. How to fix Improper Control of Generation of Code ('Code Injection')? Upgrade `llama-index` to version 0.10.38 or higher.	[,0.10.38)
H Improper Control of Generation of Code ('Code Injection') dsfsdf llama-index is an Interface between LLMs and your data Affected versions of this package are vulnerable to Improper Control of Generation of Code ('Code Injection') in the `eval` function. An attacker can execute arbitrary commands on the client's machine by exploiting this vulnerability. How to fix Improper Control of Generation of Code ('Code Injection')? Upgrade `llama-index` to version 0.10.13 or higher.	[0.9.47,0.10.13)
C Command Injection dsfsdf llama-index is an Interface between LLMs and your data Affected versions of this package are vulnerable to Command Injection due to the `safe_eval` function. An attacker can execute arbitrary code on the server hosting the application by crafting input that, while not containing an underscore, still results in the execution of OS commands. How to fix Command Injection? Upgrade `llama-index` to version 0.10.24 or higher.	[,0.10.24)

Go back to all versions of this package