CVE
CVE-2024-14021
LlamaIndex (run-llama/llama_index) versions up to and including 0.11.6 contain an unsafe deserialization vulnerability in BGEM3Index.load_from_disk() in llama_index/indices/managed/bge_m3/base.py.
LlamaIndex (run-llama/llamaindex) versions up to and including 0.11.6 contain an unsafe deserialization vulnerability in BGEM3Index.loadfromdisk() in llamaindex/indices/managed/bgem3/base.py. The function uses pickle.load() to deserialize multiembedstore.pkl from a user-supplied persistdir without validation. An attacker who can provide a crafted persist directory containing a malicious pickle file can trigger arbitrary code execution when the victim loads the index from disk.
Package Versions Affected
Package Version
patch Availability
No items found.
Automatically patch vulnerabilities without upgrading
Fix Without Upgrading
Detect compatible fix
Apply safe remediation
Fix with a single pull request
CVSS Version
Severity
Base Score
CVSS Version
Score Vector
C
H
U
8.4
-
4.0
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
C
H
U
0
-
3.1
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
C
H
U
-
Related Resources
No items found.
References
https://www.llamaindex.ai/, https://huntr.com/bounties/ab4ceeb4-aa85-4d1c-aaca-4eda1b71fc12, https://www.vulncheck.com/advisories/llamaindex-bgem3index-unsafe-deserialization, https://github.com/run-llama/llama_index
Basic Information
Ecosystem
