PyPI: llama-index-core
CVE-2025-6209
Safety vulnerability ID: SFTY-20250707-26427
Safety legacy ID: pyup.io-77994
Affected versions of the LlamaIndex package are vulnerable to Path Traversal. The `encode_image()` function in `generic_utils.py` fails to properly validate and sanitize file path inputs, leading to unauthorized file access. An attacker can exploit this vulnerability by manipulating the `image_path` parameter with path traversal sequences, resulting in the ability to read arbitrary files on the server, including sensitive system files. The vulnerability was fixed in version 0.12.41 through the implementation of path validation checks. The fix adds the `is_valid_path()` and `is_valid_url()` functions to validate input paths and URLs.
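The following is an added example, not the llama-index code from the referenced commit. It shows, side by side, the unchecked pattern the advisory describes and a hardened `encode_image()` that confines reads to an allow-listed directory (`base_dir` is an assumption of this example; the project's fix may validate differently), resolves symlinks before checking, and reads the already-resolved path rather than the raw input. The helper names `is_valid_path()` and `is_valid_url()` follow the advisory, but their logic here is mine. `demo()` builds a constructed temporary directory so the checks can be exercised offline.

```python
import base64
import os
import tempfile
from pathlib import Path
from urllib.parse import urlparse


def encode_image_unchecked(image_path: str) -> str:
    """Schematic of the flawed pattern the advisory describes (not the project's code):
    whatever path the caller supplies is opened as-is, so '..' sequences or absolute
    paths reach files outside the intended image directory."""
    with open(image_path, "rb") as f:
        return base64.b64encode(f.read()).decode("utf-8")


def is_valid_url(url: str) -> bool:
    """Accept only absolute http(s) URLs with a host. file://, data: and bare paths are
    rejected, so a 'URL' argument can never be turned into a local file read."""
    parsed = urlparse(url)
    return parsed.scheme in ("http", "https") and bool(parsed.netloc)


def safe_resolve(image_path: str, base_dir: str) -> Path:
    """Resolve image_path against base_dir (an assumed allow-listed directory) and require
    the final target, symlinks followed, to be a regular file strictly inside base_dir.
    Absolute inputs are accepted only if they also land inside. Raises ValueError otherwise."""
    base = Path(base_dir).resolve()
    try:
        candidate = (base / image_path).resolve(strict=True)  # strict: target must exist
    except (OSError, RuntimeError) as exc:  # missing file, permission error, symlink loop
        raise ValueError(f"cannot resolve {image_path!r}: {exc}") from None
    if candidate == base or base not in candidate.parents:
        raise ValueError(f"{image_path!r} does not resolve to a file inside {base_dir!r}")
    if not candidate.is_file():
        raise ValueError(f"{image_path!r} is not a regular file")
    return candidate


def is_valid_path(image_path: str, base_dir: str) -> bool:
    """Boolean form of safe_resolve, mirroring the helper name the advisory mentions."""
    try:
        safe_resolve(image_path, base_dir)
        return True
    except ValueError:
        return False


def encode_image(image_path: str, base_dir: str) -> str:
    """Hardened variant: validate first, then read the resolved path, not the raw input."""
    target = safe_resolve(image_path, base_dir)
    with open(target, "rb") as f:
        return base64.b64encode(f.read()).decode("utf-8")


PNG_HEADER = b"\x89PNG\r\n\x1a\n" + b"\x00" * 8  # constructed stand-in for image bytes


def demo() -> dict:
    """Constructed scenario: an allowed 'images' directory and a secret file one level up."""
    root = tempfile.mkdtemp()
    images = os.path.join(root, "images")
    os.mkdir(images)
    with open(os.path.join(images, "logo.png"), "wb") as f:
        f.write(PNG_HEADER)
    secret = os.path.join(root, "secret.txt")
    with open(secret, "w") as f:
        f.write("do-not-leak")

    results = {
        "expected": base64.b64encode(PNG_HEADER).decode("utf-8"),
        "legit": encode_image("logo.png", images),
        # The unchecked version follows '..' straight out of the image directory.
        "unchecked_leaks": base64.b64decode(
            encode_image_unchecked(os.path.join(images, "..", "secret.txt"))
        ).decode("utf-8"),
        "traversal_rejected": not is_valid_path("../secret.txt", images),
        "absolute_rejected": not is_valid_path(secret, images),
        "missing_rejected": not is_valid_path("nope.png", images),
        "dir_rejected": not is_valid_path(".", images),
        "https_ok": is_valid_url("https://example.com/logo.png"),
        "file_url_rejected": not is_valid_url("file:///etc/hostname"),
        "bare_path_rejected": not is_valid_url("../secret.txt"),
    }
    # A symlink inside the allowed directory that points outside it: resolve() follows
    # the link, so the hardened check still rejects it.
    link = os.path.join(images, "link.png")
    try:
        os.symlink(secret, link)
        results["symlink_rejected"] = not is_valid_path("link.png", images)
    except (OSError, NotImplementedError):
        results["symlink_rejected"] = None  # platform without symlink support
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The two design points worth carrying into a real patch are resolving with `strict=True` so symlinks and `..` are collapsed before the containment test, and opening the resolved `Path` rather than the caller's string, so the file that is read is the file that was checked.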
Overview
LlamaIndex vulnerable to Path Traversal attack through its encode_image function
How to Fix
Mitigation and Workarounds
---
Vulnerable Functions
Functions linked to known vulnerabilities.
References
- https://getsafety.com/vulnerabilities/SFTY-20250707-26427/CVE-2025-6209
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6209
- https://github.com/run-llama/llama_index/commit/cdeaab91a204d1c3527f177dac37390327aef274
- https://huntr.com/bounties/e89d14f8-bfe8-4c9a-bb2a-656c01cc9a68
- https://nvd.nist.gov/vuln/detail/CVE-2025-6209
- https://github.com/pypa/advisory-database/tree/main/vulns/llama-index/PYSEC-2025-65.yaml
- https://github.com/advisories/GHSA-2rhq-96q8-4vjq
Verified by Safety
Our Cybersecurity Intelligence Team reviewed this vulnerability. We combine public data with our own research to find issues not yet reported to public sources.
