Common Weakness Enumeration

CWE-1112

Prohibited

Incomplete Documentation of Program Execution

Abstraction: Base · Status: Incomplete

The document does not fully define all mechanisms that are used to control or influence how product-specific programs are executed.

4 vulnerabilities reference this CWE, most recent first.

CVE-2025-3108 (GCVE-0-2025-3108)

Vulnerability from cvelistv5 – Published: 2025-07-06 22:47 – Updated: 2025-07-07 13:43
VLAI
Title
Unsafe Deserialization in JsonPickleSerializer Enables Remote Code Execution in run-llama/llama_index
Summary
A critical deserialization vulnerability exists in the run-llama/llama_index library's JsonPickleSerializer component, affecting versions v0.12.27 through v0.12.40. This vulnerability allows remote code execution due to an insecure fallback to Python's pickle module. JsonPickleSerializer prioritizes deserialization using pickle.loads(), which can execute arbitrary code when processing untrusted data. Attackers can exploit this by crafting malicious payloads to achieve full system compromise. The root cause includes an insecure fallback mechanism, lack of validation or safeguards, misleading design, and violation of Python security guidelines.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-1112 - Incomplete Documentation of Program Execution
Assigner
Impacted products
Vendor Product Version
run-llama run-llama/llama_index Affected: unspecified , < v0.12.41 (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-3108",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-07T13:42:15.611862Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-07T13:43:12.649Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "run-llama/llama_index",
          "vendor": "run-llama",
          "versions": [
            {
              "lessThan": "v0.12.41",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A critical deserialization vulnerability exists in the run-llama/llama_index library\u0027s JsonPickleSerializer component, affecting versions v0.12.27 through v0.12.40. This vulnerability allows remote code execution due to an insecure fallback to Python\u0027s pickle module. JsonPickleSerializer prioritizes deserialization using pickle.loads(), which can execute arbitrary code when processing untrusted data. Attackers can exploit this by crafting malicious payloads to achieve full system compromise. The root cause includes an insecure fallback mechanism, lack of validation or safeguards, misleading design, and violation of Python security guidelines."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1112",
              "description": "CWE-1112 Incomplete Documentation of Program Execution",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-06T22:47:25.655Z",
        "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "shortName": "@huntr_ai"
      },
      "references": [
        {
          "url": "https://huntr.com/bounties/9b55a5e8-74e6-4241-b323-e360dc8b110a"
        },
        {
          "url": "https://github.com/run-llama/llama_index/commit/702e4340623092fac4cf2fe95eb9465034856da3"
        }
      ],
      "source": {
        "advisory": "9b55a5e8-74e6-4241-b323-e360dc8b110a",
        "discovery": "EXTERNAL"
      },
      "title": "Unsafe Deserialization in JsonPickleSerializer Enables Remote Code Execution in run-llama/llama_index"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
    "assignerShortName": "@huntr_ai",
    "cveId": "CVE-2025-3108",
    "datePublished": "2025-07-06T22:47:25.655Z",
    "dateReserved": "2025-04-02T06:33:56.248Z",
    "dateUpdated": "2025-07-07T13:43:12.649Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-29241 (GCVE-0-2023-29241)

Vulnerability from cvelistv5 – Published: 2023-06-30 00:00 – Updated: 2024-11-26 19:59
VLAI
Summary
Improper Information in Cybersecurity Guidebook in Bosch Building Integration System (BIS) 5.0 may lead to wrong configuration which allows local users to access data via network
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-1112 - Incomplete Documentation of Program Execution
Assigner
Impacted products
Vendor Product Version
Bosch BIS Affected: 5.0
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T14:00:15.894Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-988400-BT.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-29241",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-26T19:59:44.994388Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-26T19:59:56.176Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIS",
          "vendor": "Bosch",
          "versions": [
            {
              "status": "affected",
              "version": "5.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Improper Information in Cybersecurity Guidebook in Bosch Building Integration System (BIS) 5.0 may lead to wrong configuration which allows local users to access data via network"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1112",
              "description": "CWE-1112 Incomplete Documentation of Program Execution",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-30T00:00:00.000Z",
        "orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
        "shortName": "bosch"
      },
      "references": [
        {
          "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-988400-BT.html"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
    "assignerShortName": "bosch",
    "cveId": "CVE-2023-29241",
    "datePublished": "2023-06-30T00:00:00.000Z",
    "dateReserved": "2023-06-01T00:00:00.000Z",
    "dateUpdated": "2024-11-26T19:59:56.176Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GHSA-2Q32-MVGG-6PFC

Vulnerability from github – Published: 2023-07-01 00:30 – Updated: 2024-04-04 05:19
VLAI
Details

Improper Information in Cybersecurity Guidebook in Bosch Building Integration System (BIS) 5.0 may lead to wrong configuration which allows local users to access data via network

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-29241"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1112"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-06-30T22:15:09Z",
    "severity": "HIGH"
  },
  "details": "Improper Information in Cybersecurity Guidebook in Bosch Building Integration System (BIS) 5.0 may lead to wrong configuration which allows local users to access data via network",
  "id": "GHSA-2q32-mvgg-6pfc",
  "modified": "2024-04-04T05:19:14Z",
  "published": "2023-07-01T00:30:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29241"
    },
    {
      "type": "WEB",
      "url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-988400-BT.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-M84C-4C34-28GF

Vulnerability from github – Published: 2025-07-07 00:30 – Updated: 2025-07-07 23:11
VLAI
Summary
LlamaIndex has Incomplete Documentation of Program Execution related to JsonPickleSerializer component
Details

Incomplete Documentation of Program Execution exists in the run-llama/llama_index library's JsonPickleSerializer component, affecting versions v0.12.27 through v0.12.40. This vulnerability allows remote code execution due to an insecure fallback to Python's pickle module. JsonPickleSerializer prioritizes deserialization using pickle.loads(), which can execute arbitrary code when processing untrusted data. Attackers can exploit this by crafting malicious payloads to achieve full system compromise. The root cause involves the use of an insecure fallback strategy without sufficient input validation or protective safeguards. Version 0.12.41 renames JsonPickleSerializer to PickleSerializer and adds a warning to the docs to only use PickleSerializer to deserialize safe things.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 0.12.40"
      },
      "package": {
        "ecosystem": "PyPI",
        "name": "llama-index-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.11.15"
            },
            {
              "fixed": "0.12.41"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-3108"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-1112"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-07-07T23:11:36Z",
    "nvd_published_at": "2025-07-06T23:15:21Z",
    "severity": "MODERATE"
  },
  "details": "Incomplete Documentation of Program Execution exists in the run-llama/llama_index library\u0027s JsonPickleSerializer component, affecting versions v0.12.27 through v0.12.40. This vulnerability allows remote code execution due to an insecure fallback to Python\u0027s pickle module. JsonPickleSerializer prioritizes deserialization using pickle.loads(), which can execute arbitrary code when processing untrusted data. Attackers can exploit this by crafting malicious payloads to achieve full system compromise. The root cause involves the use of an insecure fallback strategy without sufficient input validation or protective safeguards. Version 0.12.41 renames JsonPickleSerializer to PickleSerializer and adds a warning to the docs to only use PickleSerializer to deserialize safe things.",
  "id": "GHSA-m84c-4c34-28gf",
  "modified": "2025-07-07T23:11:36Z",
  "published": "2025-07-07T00:30:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3108"
    },
    {
      "type": "WEB",
      "url": "https://github.com/run-llama/llama_index/commit/702e4340623092fac4cf2fe95eb9465034856da3"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/run-llama/llama_index"
    },
    {
      "type": "WEB",
      "url": "https://github.com/run-llama/llama_index/blob/v0.12.41/CHANGELOG.md#llama-index-core-01241"
    },
    {
      "type": "WEB",
      "url": "https://huntr.com/bounties/9b55a5e8-74e6-4241-b323-e360dc8b110a"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "LlamaIndex has Incomplete Documentation of Program Execution related to JsonPickleSerializer component"
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.