{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-12911", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "state": "PUBLISHED", "assignerShortName": "@huntr_ai", "dateReserved": "2024-12-24T07:51:29.340Z", "datePublished": "2025-03-20T10:09:44.583Z", "dateUpdated": "2025-10-15T12:50:19.844Z"}, "containers": {"cna": {"title": "SQL Injection in run-llama/llama_index", "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2025-10-15T12:50:19.844Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the `default_jsonalyzer` function of the `JSONalyzeQueryEngine` in the run-llama/llama_index repository allows for SQL injection via prompt injection. This can lead to arbitrary file creation and Denial-of-Service (DoS) attacks. The vulnerability affects the latest version and is fixed in version 0.5.1."}], "affected": [{"vendor": "run-llama", "product": "run-llama/llama_index", "versions": [{"version": "unspecified", "lessThan": "0.5.1", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/095f9e67-311d-494c-99c5-5e61a0adb8f3"}, {"url": "https://github.com/run-llama/llama_index/commit/bf282074e20e7dafd5e2066137dcd4cd17c3fb9e"}], "metrics": [{"cvssV3_0": {"version": "3.0", "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", "baseScore": 7.1, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command", "cweId": "CWE-89"}]}], "source": {"advisory": "095f9e67-311d-494c-99c5-5e61a0adb8f3", "discovery": "EXTERNAL"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-03-20T17:50:15.699354Z", "id": "CVE-2024-12911", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-20T18:35:20.653Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-12911", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-03-20T17:50:15.699354Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-20T17:50:17.749Z"}}], "cna": {"title": "SQL Injection in run-llama/llama_index", "source": {"advisory": "095f9e67-311d-494c-99c5-5e61a0adb8f3", "discovery": "EXTERNAL"}, "metrics": [{"cvssV3_0": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "run-llama", "product": "run-llama/llama_index", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "0.5.1", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/095f9e67-311d-494c-99c5-5e61a0adb8f3"}, {"url": "https://github.com/run-llama/llama_index/commit/bf282074e20e7dafd5e2066137dcd4cd17c3fb9e"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the `default_jsonalyzer` function of the `JSONalyzeQueryEngine` in the run-llama/llama_index repository allows for SQL injection via prompt injection. This can lead to arbitrary file creation and Denial-of-Service (DoS) attacks. The vulnerability affects the latest version and is fixed in version 0.5.1."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-379", "description": "CWE-379 Creation of Temporary File in Directory with Insecure Permissions"}]}], "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2025-03-20T10:09:44.583Z"}}}, "cveMetadata": {"cveId": "CVE-2024-12911", "state": "PUBLISHED", "dateUpdated": "2025-03-20T18:35:20.653Z", "dateReserved": "2024-12-24T07:51:29.340Z", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "datePublished": "2025-03-20T10:09:44.583Z", "assignerShortName": "@huntr_ai"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:llamaindex:llamaindex:*:*:*:*:*:*:*:*", "matchCriteriaId": "F72F5E22-436B-4A76-BCD2-6270AC7413B8", "versionEndExcluding": "0.5.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the `default_jsonalyzer` function of the `JSONalyzeQueryEngine` in the run-llama/llama_index repository allows for SQL injection via prompt injection. This can lead to arbitrary file creation and Denial-of-Service (DoS) attacks. The vulnerability affects the latest version and is fixed in version 0.5.1."}, {"lang": "es", "value": "Una vulnerabilidad en la funci\u00f3n `default_jsonalyzer` del `JSONalyzeQueryEngine` del repositorio run-llama/llama_index permite la inyecci\u00f3n de SQL mediante la inyecci\u00f3n de prompts. Esto puede provocar la creaci\u00f3n arbitraria de archivos y ataques de denegaci\u00f3n de servicio (DoS). La vulnerabilidad afecta a la \u00faltima versi\u00f3n y est\u00e1 corregida en la versi\u00f3n 0.5.1."}], "id": "CVE-2024-12911", "lastModified": "2025-10-15T13:15:41.607", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 4.2, "source": "security@huntr.dev", "type": "Secondary"}]}, "published": "2025-03-20T10:15:32.083", "references": [{"source": "security@huntr.dev", "tags": ["Patch"], "url": "https://github.com/run-llama/llama_index/commit/bf282074e20e7dafd5e2066137dcd4cd17c3fb9e"}, {"source": "security@huntr.dev", "tags": ["Exploit", "Third Party Advisory"], "url": "https://huntr.com/bounties/095f9e67-311d-494c-99c5-5e61a0adb8f3"}], "sourceIdentifier": "security@huntr.dev", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "security@huntr.dev", "type": "Primary"}]}

{"bugzilla": {"description": "llama-index: SQL Injection in run-llama/llama_index", "id": "2353719", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2353719"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.1", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", "status": "draft"}, "cwe": "CWE-379", "details": ["A vulnerability in the `default_jsonalyzer` function of the `JSONalyzeQueryEngine` in the run-llama/llama_index repository allows for SQL injection via prompt injection. This can lead to arbitrary file creation and Denial-of-Service (DoS) attacks. The vulnerability affects the latest version and is fixed in version 0.5.1.", "A flaw was found in the run-llama/llama_index repository. This vulnerability allows arbitrary file creation and denial of service (DoS) attacks via SQL injection through prompt injection."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-12911", "package_state": [{"cpe": "cpe:/a:redhat:openshift_lightspeed", "fix_state": "Affected", "package_name": "openshift-lightspeed-tech-preview/lightspeed-service-api-rhel9", "product_name": "OpenShift Lightspeed"}], "public_date": "2025-03-20T10:09:44Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-12911\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-12911\nhttps://github.com/run-llama/llama_index/commit/bf282074e20e7dafd5e2066137dcd4cd17c3fb9e\nhttps://huntr.com/bounties/095f9e67-311d-494c-99c5-5e61a0adb8f3"], "statement": "This vulnerability marked as moderate rather than important because while it enables SQL injection via prompt injection, the exploitability and impact are constrained. First, successful exploitation requires the attacker to manipulate a user-controlled prompt in a specific way, limiting the attack surface. \nSecond, while arbitrary file creation is possible, it does not necessarily lead to direct remote code execution (RCE) without additional chaining vulnerabilities. Additionally, the Denial-of-Service (DoS) potential is limited to resource exhaustion rather than system-wide failure.", "threat_severity": "Moderate"}