{"id":"PYSEC-2024-324","details":"A command injection vulnerability exists in the RunGptLLM class of the llama_index library, version 0.9.47, used by the RunGpt framework from JinaAI to connect to Language Learning Models (LLMs). The vulnerability arises from the improper use of the eval function, allowing a malicious or compromised LLM hosting provider to execute arbitrary commands on the client's machine. This issue was fixed in version 0.10.13. The exploitation of this vulnerability could lead to a hosting provider gaining full control over client machines.","aliases":["CVE-2024-4181","GHSA-pw38-xv9x-h8ch","PYSEC-2026-1565"],"modified":"2026-07-13T07:26:21.243502373Z","published":"2024-05-16T09:15:15.553Z","references":[{"type":"FIX","url":"https://github.com/run-llama/llama_index/commit/d73715eaf0642705583e7897c78b9c8dd2d3a7ba"},{"type":"EVIDENCE","url":"https://huntr.com/bounties/1a204520-598a-434e-b13d-0d34f2a5ddc1"}],"affected":[{"package":{"name":"llama-index","ecosystem":"PyPI","purl":"pkg:pypi/llama-index"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0.9.47"},{"fixed":"0.10.13"}]}],"versions":["0.10.0","0.10.1","0.10.10","0.10.11","0.10.12","0.10.3","0.10.4","0.10.5","0.10.5a1","0.10.6","0.10.7","0.10.8","0.10.9","0.9.47","0.9.48"],"ecosystem_specific":{},"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/llama-index/PYSEC-2024-324.yaml"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}