{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-29T16:52:41.043","vulnerabilities":[{"cve":{"id":"CVE-2025-5302","sourceIdentifier":"security@huntr.dev","published":"2025-08-25T15:15:42.243","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A denial of service vulnerability exists in the JSONReader component of the run-llama/llama_index repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth limit. This results in high resource consumption and potential crashes of the Python process. The issue is resolved in version 0.12.38."},{"lang":"es","value":"Existe una vulnerabilidad de denegación de servicio en el componente JSONReader del repositorio run-llama/llama_index, concretamente en la versión v0.12.37. Esta vulnerabilidad se debe a una recursión incontrolada al analizar archivos JSON profundamente anidados, lo que puede provocar que Python alcance su límite máximo de recursión. Esto provoca un alto consumo de recursos y posibles bloqueos del proceso de Python. El problema se ha resuelto en la versión 0.12.38."}],"metrics":{"cvssMetricV30":[{"source":"security@huntr.dev","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":4.7}]},"weaknesses":[{"source":"security@huntr.dev","type":"Secondary","description":[{"lang":"en","value":"CWE-674"}]}],"references":[{"url":"https://github.com/run-llama/llama_index/commit/c032843a02ce38fd8f284b2aa5a37fd1c17ae635","source":"security@huntr.dev"},{"url":"https://huntr.com/bounties/70041b81-de9e-4046-8c0e-6ccd557048a6","source":"security@huntr.dev"}]}}]}