Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2025-1752
Modified
More InfoOfficial Page
Source-security@huntr.dev
View Known Exploited Vulnerability (KEV) details
Published At-10 May, 2025 | 14:15
Updated At-15 Oct, 2025 | 13:16

A Denial of Service (DoS) vulnerability has been identified in the KnowledgeBaseWebReader class of the run-llama/llama_index project, affecting version ~ latest(v0.12.15). The vulnerability arises due to inappropriate secure coding measures, specifically the lack of proper implementation of the max_depth parameter in the get_article_urls function. This allows an attacker to exhaust Python's recursion limit through repeated function calls, leading to resource consumption and ultimately crashing the Python process.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.07.5HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.0
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
llamaindex
llamaindex
>>llamaindex>>Versions before 0.3.6(exclusive)
cpe:2.3:a:llamaindex:llamaindex:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-674Primarysecurity@huntr.dev
CWE ID: CWE-674
Type: Primary
Source: security@huntr.dev
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/run-llama/llama_index/commit/3c65db2947271de3bd1927dc66a044da385de4dasecurity@huntr.dev
Patch
https://huntr.com/bounties/cd7b9082-7d75-42e4-84f5-dbee23cbc467security@huntr.dev
Exploit
Third Party Advisory
https://huntr.com/bounties/cd7b9082-7d75-42e4-84f5-dbee23cbc467134c704f-9b21-4f2e-91b3-4a467353bcc0
Exploit
Third Party Advisory
Hyperlink: https://github.com/run-llama/llama_index/commit/3c65db2947271de3bd1927dc66a044da385de4da
Source: security@huntr.dev
Resource:
Patch
Hyperlink: https://huntr.com/bounties/cd7b9082-7d75-42e4-84f5-dbee23cbc467
Source: security@huntr.dev
Resource:
Exploit
Third Party Advisory
Hyperlink: https://huntr.com/bounties/cd7b9082-7d75-42e4-84f5-dbee23cbc467
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource:
Exploit
Third Party Advisory
Change History
0Changes found
Details not found