{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-12911", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "state": "PUBLISHED", "assignerShortName": "@huntr_ai", "dateReserved": "2024-12-24T07:51:29.340Z", "datePublished": "2025-03-20T10:09:44.583Z", "dateUpdated": "2025-03-20T18:35:20.653Z"}, "containers": {"cna": {"title": "SQL Injection in run-llama/llama_index", "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2025-03-20T10:09:44.583Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the `default_jsonalyzer` function of the `JSONalyzeQueryEngine` in the run-llama/llama_index repository allows for SQL injection via prompt injection. This can lead to arbitrary file creation and Denial-of-Service (DoS) attacks. The vulnerability affects the latest version and is fixed in version 0.5.1."}], "affected": [{"vendor": "run-llama", "product": "run-llama/llama_index", "versions": [{"version": "unspecified", "lessThan": "0.5.1", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/095f9e67-311d-494c-99c5-5e61a0adb8f3"}, {"url": "https://github.com/run-llama/llama_index/commit/bf282074e20e7dafd5e2066137dcd4cd17c3fb9e"}], "metrics": [{"cvssV3_0": {"version": "3.0", "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", "baseScore": 7.1, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-379 Creation of Temporary File in Directory with Insecure Permissions", "cweId": "CWE-379"}]}], "source": {"advisory": "095f9e67-311d-494c-99c5-5e61a0adb8f3", "discovery": "EXTERNAL"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-03-20T17:50:15.699354Z", "id": "CVE-2024-12911", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-20T18:35:20.653Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-12911", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-03-20T17:50:15.699354Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-20T17:50:17.749Z"}}], "cna": {"title": "SQL Injection in run-llama/llama_index", "source": {"advisory": "095f9e67-311d-494c-99c5-5e61a0adb8f3", "discovery": "EXTERNAL"}, "metrics": [{"cvssV3_0": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "run-llama", "product": "run-llama/llama_index", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "0.5.1", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/095f9e67-311d-494c-99c5-5e61a0adb8f3"}, {"url": "https://github.com/run-llama/llama_index/commit/bf282074e20e7dafd5e2066137dcd4cd17c3fb9e"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the `default_jsonalyzer` function of the `JSONalyzeQueryEngine` in the run-llama/llama_index repository allows for SQL injection via prompt injection. This can lead to arbitrary file creation and Denial-of-Service (DoS) attacks. The vulnerability affects the latest version and is fixed in version 0.5.1."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-379", "description": "CWE-379 Creation of Temporary File in Directory with Insecure Permissions"}]}], "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2025-03-20T10:09:44.583Z"}}}, "cveMetadata": {"cveId": "CVE-2024-12911", "state": "PUBLISHED", "dateUpdated": "2025-03-20T18:35:20.653Z", "dateReserved": "2024-12-24T07:51:29.340Z", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "datePublished": "2025-03-20T10:09:44.583Z", "assignerShortName": "@huntr_ai"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the `default_jsonalyzer` function of the `JSONalyzeQueryEngine` in the run-llama/llama_index repository allows for SQL injection via prompt injection. This can lead to arbitrary file creation and Denial-of-Service (DoS) attacks. The vulnerability affects the latest version and is fixed in version 0.5.1."}], "id": "CVE-2024-12911", "lastModified": "2025-03-20T10:15:32.083", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 4.2, "source": "security@huntr.dev", "type": "Secondary"}]}, "published": "2025-03-20T10:15:32.083", "references": [{"source": "security@huntr.dev", "url": "https://github.com/run-llama/llama_index/commit/bf282074e20e7dafd5e2066137dcd4cd17c3fb9e"}, {"source": "security@huntr.dev", "url": "https://huntr.com/bounties/095f9e67-311d-494c-99c5-5e61a0adb8f3"}], "sourceIdentifier": "security@huntr.dev", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-379"}], "source": "security@huntr.dev", "type": "Primary"}]}

{"bugzilla": {"description": "llama-index: SQL Injection in run-llama/llama_index", "id": "2353719", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2353719"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.1", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", "status": "draft"}, "cwe": "CWE-379", "details": ["A vulnerability in the `default_jsonalyzer` function of the `JSONalyzeQueryEngine` in the run-llama/llama_index repository allows for SQL injection via prompt injection. This can lead to arbitrary file creation and Denial-of-Service (DoS) attacks. The vulnerability affects the latest version and is fixed in version 0.5.1.", "A flaw was found in the run-llama/llama_index repository. This vulnerability allows arbitrary file creation and denial of service (DoS) attacks via SQL injection through prompt injection."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-12911", "package_state": [{"cpe": "cpe:/a:redhat:openshift_lightspeed", "fix_state": "Affected", "package_name": "openshift-lightspeed-tech-preview/lightspeed-service-api-rhel9", "product_name": "OpenShift Lightspeed"}], "public_date": "2025-03-20T10:09:44Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-12911\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-12911\nhttps://github.com/run-llama/llama_index/commit/bf282074e20e7dafd5e2066137dcd4cd17c3fb9e\nhttps://huntr.com/bounties/095f9e67-311d-494c-99c5-5e61a0adb8f3"], "statement": "This vulnerability marked as moderate rather than important because while it enables SQL injection via prompt injection, the exploitability and impact are constrained. First, successful exploitation requires the attacker to manipulate a user-controlled prompt in a specific way, limiting the attack surface. \nSecond, while arbitrary file creation is possible, it does not necessarily lead to direct remote code execution (RCE) without additional chaining vulnerabilities. Additionally, the Denial-of-Service (DoS) potential is limited to resource exhaustion rather than system-wide failure.", "threat_severity": "Moderate"}