CVE-2024-12910: CWE-674 Uncontrolled Recursion in run-llama run-llama/llama_index
A vulnerability in the `KnowledgeBaseWebReader` class of the run-llama/llama_index repository, version latest, allows an attacker to cause a Denial of Service (DoS) by controlling a URL variable to contain the root URL. This leads to infinite recursive calls to the `get_article_urls` method, exhausting system resources and potentially crashing the application.
AI Analysis
Technical Summary
CVE-2024-12910 identifies a vulnerability in the run-llama/llama_index repository, specifically within the KnowledgeBaseWebReader class. The flaw arises when an attacker controls a URL variable that is set to the root URL, which causes the get_article_urls method to recursively call itself indefinitely. This uncontrolled recursion exhausts system resources such as CPU and memory, resulting in a denial of service (DoS) condition in which the application becomes unresponsive or crashes. The vulnerability is classified under CWE-674 (Uncontrolled Recursion). The CVSS v3.0 base score is 4.2, indicating medium severity, with a physical attack vector (AV:P), high attack complexity (AC:H), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), and impact limited to availability (A:H). There is no impact on confidentiality or integrity. The affected version is listed only as "latest", and no patches or known exploits are currently available. The root cause is insufficient input validation and the lack of recursion depth control in the URL processing logic. An attacker who can supply URLs to the system can trigger the infinite recursion and crash the service.
Potential Impact
For European organizations, the primary impact is denial of service, which can disrupt availability of applications or services relying on run-llama/llama_index, particularly those using the KnowledgeBaseWebReader functionality. This could affect AI-driven knowledge base systems, research tools, or internal applications that integrate this library. While confidentiality and integrity are not directly impacted, service outages can lead to operational downtime, loss of productivity, and potential reputational damage. Organizations in sectors with high reliance on AI/ML tooling, such as technology firms, research institutions, and digital service providers, are at greater risk. The medium severity and high complexity of exploitation reduce the likelihood of widespread attacks but do not eliminate targeted abuse. The absence of known exploits suggests a window for proactive mitigation before active exploitation occurs.
Mitigation Recommendations
To mitigate this vulnerability, organizations should implement strict input validation on URL parameters to prevent the root URL from being passed unchecked to the get_article_urls method. Introducing recursion depth limits or timeouts within the method can prevent infinite loops from exhausting resources. Monitoring application logs for unusual recursive call patterns or resource spikes can help detect attempted exploitation. Until an official patch is released, consider isolating or sandboxing the affected component to limit impact. If feasible, review and update the run-llama/llama_index dependency regularly and subscribe to vendor advisories for patches. Additionally, applying runtime protections such as resource quotas or container limits can reduce the risk of system-wide crashes. Developers should also conduct code audits focusing on recursive functions and input handling to identify similar vulnerabilities.
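The two guards the recommendations call for, a check that stops a crawl from re-entering the root URL and a hard recursion depth limit, are shown below in an added example. This is not code from run-llama/llama_index and does not reproduce its `KnowledgeBaseWebReader`; the site map, the `fetch_links` stand-in for an HTTP fetch, and the function names `naive_get_article_urls` and `bounded_get_article_urls` are all constructed for illustration. The naive variant reproduces the failure mode (a page that links back to the root recurses until Python raises `RecursionError`); the bounded variant adds a same-origin check, a visited set, and a depth cap.

```python
"""Bounded vs. unbounded recursive crawl of a knowledge-base site (added example)."""
from urllib.parse import urljoin, urlparse

# Constructed in-memory site: page URL -> hrefs found on that page. The root page
# links to itself ("/") and a section page links back to the root, which is the
# cycle that makes an unbounded recursive crawl never terminate.
ROOT = "https://kb.example.test/"
FAKE_SITE = {
    ROOT: ["/", "/articles/1", "/articles/2", "/sections/a",
           "https://other.example.test/articles/9"],
    "https://kb.example.test/sections/a": ["/", "/articles/3", "/sections/a"],
    "https://kb.example.test/articles/1": [],
    "https://kb.example.test/articles/2": [],
    "https://kb.example.test/articles/3": [],
}


def fetch_links(url):
    """Stand-in for an HTTP GET plus HTML parse; returns the hrefs on the page."""
    return FAKE_SITE.get(url, [])


def is_article(url):
    """Hypothetical article-page convention for the constructed site."""
    return "/articles/" in urlparse(url).path


def naive_get_article_urls(url):
    """Unbounded recursion: every non-article link is followed, including links
    back to the root, so a page that links to the root recurses forever."""
    found = []
    for href in fetch_links(url):
        absolute = urljoin(url, href)
        if is_article(absolute):
            found.append(absolute)
        else:
            found.extend(naive_get_article_urls(absolute))
    return found


def unbounded_crawl_fails(url):
    """Return True if the naive crawl exhausts the interpreter's recursion limit."""
    try:
        naive_get_article_urls(url)
    except RecursionError:
        return True
    return False


def bounded_get_article_urls(url, root=ROOT, max_depth=3, _depth=0, _visited=None):
    """Same traversal with three guards: a same-origin check, a visited set
    (which also covers the root-links-to-root case), and a hard depth limit.
    Returns the unique article URLs found, sorted."""
    visited = {url} if _visited is None else _visited
    root_host = urlparse(root).netloc
    found = []
    for href in fetch_links(url):
        absolute = urljoin(url, href)
        if urlparse(absolute).netloc != root_host:
            continue  # never wander off the knowledge base's own host
        if absolute in visited:
            continue  # already crawled or in progress: this breaks the cycle
        visited.add(absolute)
        if is_article(absolute):
            found.append(absolute)
        elif _depth < max_depth:
            found.extend(bounded_get_article_urls(absolute, root, max_depth,
                                                  _depth + 1, visited))
    return sorted(set(found))


if __name__ == "__main__":
    print("naive crawl hits RecursionError:", unbounded_crawl_fails(ROOT))
    print("bounded crawl:", bounded_get_article_urls(ROOT))
```

The visited set is what actually removes the hang: once the root (or any page) is in the set, a link back to it is skipped regardless of how the attacker shaped the URL. The depth limit is a second, independent bound so that a large site that is not cyclic still cannot drive the crawl arbitrarily deep, and a wall-clock timeout around the whole call is a reasonable third layer in production.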
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Denmark
Technical Details
- Data Version: 5.1
- Assigner Short Name: @huntr_ai
- Date Reserved: 2024-12-24T07:49:19.082Z
- Cvss Version: 3.0
- State: PUBLISHED
Threat ID: 68ef9b25178f764e1f470b16
Added to database: 10/15/2025, 1:01:25 PM
Last enriched: 10/15/2025, 1:24:25 PM
Last updated: 10/16/2025, 2:41:51 PM