CWE-1112
ProhibitedIncomplete Documentation of Program Execution
Abstraction: Base · Status: Incomplete
The document does not fully define all mechanisms that are used to control or influence how product-specific programs are executed.
4 vulnerabilities reference this CWE, most recent first.
CVE-2025-3108 (GCVE-0-2025-3108)
Vulnerability from cvelistv5 – Published: 2025-07-06 22:47 – Updated: 2025-07-07 13:43- CWE-1112 - Incomplete Documentation of Program Execution
| Vendor | Product | Version | |
|---|---|---|---|
| run-llama | run-llama/llama_index |
Affected:
unspecified , < v0.12.41
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3108",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-07T13:42:15.611862Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-07T13:43:12.649Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "run-llama/llama_index",
"vendor": "run-llama",
"versions": [
{
"lessThan": "v0.12.41",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A critical deserialization vulnerability exists in the run-llama/llama_index library\u0027s JsonPickleSerializer component, affecting versions v0.12.27 through v0.12.40. This vulnerability allows remote code execution due to an insecure fallback to Python\u0027s pickle module. JsonPickleSerializer prioritizes deserialization using pickle.loads(), which can execute arbitrary code when processing untrusted data. Attackers can exploit this by crafting malicious payloads to achieve full system compromise. The root cause includes an insecure fallback mechanism, lack of validation or safeguards, misleading design, and violation of Python security guidelines."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1112",
"description": "CWE-1112 Incomplete Documentation of Program Execution",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-06T22:47:25.655Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntr_ai"
},
"references": [
{
"url": "https://huntr.com/bounties/9b55a5e8-74e6-4241-b323-e360dc8b110a"
},
{
"url": "https://github.com/run-llama/llama_index/commit/702e4340623092fac4cf2fe95eb9465034856da3"
}
],
"source": {
"advisory": "9b55a5e8-74e6-4241-b323-e360dc8b110a",
"discovery": "EXTERNAL"
},
"title": "Unsafe Deserialization in JsonPickleSerializer Enables Remote Code Execution in run-llama/llama_index"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntr_ai",
"cveId": "CVE-2025-3108",
"datePublished": "2025-07-06T22:47:25.655Z",
"dateReserved": "2025-04-02T06:33:56.248Z",
"dateUpdated": "2025-07-07T13:43:12.649Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29241 (GCVE-0-2023-29241)
Vulnerability from cvelistv5 – Published: 2023-06-30 00:00 – Updated: 2024-11-26 19:59- CWE-1112 - Incomplete Documentation of Program Execution
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:00:15.894Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-988400-BT.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29241",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-26T19:59:44.994388Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T19:59:56.176Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "BIS",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "5.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper Information in Cybersecurity Guidebook in Bosch Building Integration System (BIS) 5.0 may lead to wrong configuration which allows local users to access data via network"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1112",
"description": "CWE-1112 Incomplete Documentation of Program Execution",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-30T00:00:00.000Z",
"orgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"shortName": "bosch"
},
"references": [
{
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-988400-BT.html"
}
],
"source": {
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "c95f66b2-7e7c-41c5-8f09-6f86ec68659c",
"assignerShortName": "bosch",
"cveId": "CVE-2023-29241",
"datePublished": "2023-06-30T00:00:00.000Z",
"dateReserved": "2023-06-01T00:00:00.000Z",
"dateUpdated": "2024-11-26T19:59:56.176Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
GHSA-2Q32-MVGG-6PFC
Vulnerability from github – Published: 2023-07-01 00:30 – Updated: 2024-04-04 05:19Improper Information in Cybersecurity Guidebook in Bosch Building Integration System (BIS) 5.0 may lead to wrong configuration which allows local users to access data via network
{
"affected": [],
"aliases": [
"CVE-2023-29241"
],
"database_specific": {
"cwe_ids": [
"CWE-1112"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-30T22:15:09Z",
"severity": "HIGH"
},
"details": "Improper Information in Cybersecurity Guidebook in Bosch Building Integration System (BIS) 5.0 may lead to wrong configuration which allows local users to access data via network",
"id": "GHSA-2q32-mvgg-6pfc",
"modified": "2024-04-04T05:19:14Z",
"published": "2023-07-01T00:30:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29241"
},
{
"type": "WEB",
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-988400-BT.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-M84C-4C34-28GF
Vulnerability from github – Published: 2025-07-07 00:30 – Updated: 2025-07-07 23:11Incomplete Documentation of Program Execution exists in the run-llama/llama_index library's JsonPickleSerializer component, affecting versions v0.12.27 through v0.12.40. This vulnerability allows remote code execution due to an insecure fallback to Python's pickle module. JsonPickleSerializer prioritizes deserialization using pickle.loads(), which can execute arbitrary code when processing untrusted data. Attackers can exploit this by crafting malicious payloads to achieve full system compromise. The root cause involves the use of an insecure fallback strategy without sufficient input validation or protective safeguards. Version 0.12.41 renames JsonPickleSerializer to PickleSerializer and adds a warning to the docs to only use PickleSerializer to deserialize safe things.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 0.12.40"
},
"package": {
"ecosystem": "PyPI",
"name": "llama-index-core"
},
"ranges": [
{
"events": [
{
"introduced": "0.11.15"
},
{
"fixed": "0.12.41"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-3108"
],
"database_specific": {
"cwe_ids": [
"CWE-1112"
],
"github_reviewed": true,
"github_reviewed_at": "2025-07-07T23:11:36Z",
"nvd_published_at": "2025-07-06T23:15:21Z",
"severity": "MODERATE"
},
"details": "Incomplete Documentation of Program Execution exists in the run-llama/llama_index library\u0027s JsonPickleSerializer component, affecting versions v0.12.27 through v0.12.40. This vulnerability allows remote code execution due to an insecure fallback to Python\u0027s pickle module. JsonPickleSerializer prioritizes deserialization using pickle.loads(), which can execute arbitrary code when processing untrusted data. Attackers can exploit this by crafting malicious payloads to achieve full system compromise. The root cause involves the use of an insecure fallback strategy without sufficient input validation or protective safeguards. Version 0.12.41 renames JsonPickleSerializer to PickleSerializer and adds a warning to the docs to only use PickleSerializer to deserialize safe things.",
"id": "GHSA-m84c-4c34-28gf",
"modified": "2025-07-07T23:11:36Z",
"published": "2025-07-07T00:30:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3108"
},
{
"type": "WEB",
"url": "https://github.com/run-llama/llama_index/commit/702e4340623092fac4cf2fe95eb9465034856da3"
},
{
"type": "PACKAGE",
"url": "https://github.com/run-llama/llama_index"
},
{
"type": "WEB",
"url": "https://github.com/run-llama/llama_index/blob/v0.12.41/CHANGELOG.md#llama-index-core-01241"
},
{
"type": "WEB",
"url": "https://huntr.com/bounties/9b55a5e8-74e6-4241-b323-e360dc8b110a"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
],
"summary": "LlamaIndex has Incomplete Documentation of Program Execution related to JsonPickleSerializer component"
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.