CVE-2025-5302 in llama_index

Summary

by MITRE • 08/26/2025

A denial of service vulnerability exists in the JSONReader component of the run-llama/llama_index repository, specifically in version v0.12.37. The vulnerability is caused by uncontrolled recursion when parsing deeply nested JSON files, which can lead to Python hitting its maximum recursion depth limit. This results in high resource consumption and potential crashes of the Python process. The issue is resolved in version 0.12.38.


Analysis

by VulDB Data Team • 08/26/2025

The vulnerability identified as CVE-2025-5302 is a denial of service weakness in the JSONReader component of the run-llama/llama_index repository. It affects version v0.12.37 and stems from the reader's handling of nested data structures during JSON parsing. The component accepts structured inputs that may contain arbitrarily deep nesting, and it traverses nested objects and arrays recursively, one function call per nesting level. Because the parser implementation performs no depth validation, a malicious or malformed input can drive the number of nested calls past what the interpreter allows, exhausting the call stack and the memory that backs it.

Exploitation occurs when the JSONReader encounters a JSON structure whose nesting depth exceeds the Python recursion limit (sys.getrecursionlimit(), 1000 frames by default). The component recursively descends into nested objects and arrays without a safeguard against excessive depth, so the interpreter eventually raises RecursionError; if the application does not catch it, the exception aborts the request or the whole Python process. The resource cost is also significant: every nesting level keeps a live frame on the stack until the traversal unwinds, so a single small file can tie up substantial memory and CPU time and degrade the availability and performance of applications that depend on the library.

The operational impact of CVE-2025-5302 extends beyond a single failed parse to the stability of applications built on the affected library. Any system that feeds external JSON data feeds or user-provided structured documents into the reader is exposed, since one input with enough nesting triggers the condition. Both automated ingestion pipelines and interactive applications that rely on the JSON parsing path are affected, and a crash in a shared worker can cascade to other jobs in a larger deployment. Organizations running run-llama/llama_index in production therefore face service interruption and data processing failures that can propagate to downstream applications and user experiences.

Remediation is to upgrade to version 0.12.38 of run-llama/llama_index, which resolves the issue. After upgrading, verify the fix directly: feed the reader a document nested well past the interpreter limit and confirm it is handled without a RecursionError, while normal inputs keep their expected performance. As defense in depth, enforce a nesting-depth limit on JSON data feeds at the ingestion boundary so that equivalent flaws in other parsers in the stack are not reachable either. The vulnerability maps to CWE-674 (Uncontrolled Recursion) and is a typical case of missing input validation leading to loss of availability. In the ATT&CK framework it corresponds to T1499.004, Endpoint Denial of Service: Application or System Exploitation, since a crafted input crashes or exhausts the application itself rather than saturating the network.
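The following is an added example, not code from llama_index or from VulDB, illustrating the two points above: why a recursive traversal of nested JSON dies with RecursionError once depth approaches the interpreter limit, and how a depth pre-check on the raw text plus an explicit-stack traversal avoid it. The walker functions are simplified stand-ins for a recursive reader and are assumptions about the pattern, not the library's own traversal; the payload is constructed inline. Note that json.loads itself enforces the same recursion limit when decoding, which is why the in-memory builder bypasses it to isolate the traversal step.

```python
"""Added example (not llama_index code): unbounded recursive JSON traversal vs. bounded handling."""
import json
from typing import Any


def build_nested_json(depth: int) -> str:
    """Constructed payload: {"a": {"a": ... 1 ...}} nested `depth` levels deep."""
    return '{"a": ' * depth + "1" + "}" * depth


def build_nested_obj(depth: int) -> Any:
    """Same shape built in memory, bypassing json.loads (which enforces the
    interpreter recursion limit itself) so the traversal step can be isolated."""
    node: Any = 1
    for _ in range(depth):
        node = {"a": node}
    return node


def max_nesting_depth(text: str) -> int:
    """Linear pre-check on the raw text: deepest bracket nesting, ignoring
    brackets and escaped quotes inside JSON strings. Never recurses."""
    depth = deepest = 0
    in_string = escaped = False
    for ch in text:
        if in_string:
            if escaped:
                escaped = False
            elif ch == "\\":
                escaped = True
            elif ch == '"':
                in_string = False
        elif ch == '"':
            in_string = True
        elif ch in "[{":
            depth += 1
            deepest = max(deepest, depth)
        elif ch in "]}":
            depth -= 1
    return deepest


def load_json_bounded(text: str, max_depth: int = 64) -> Any:
    """Reject over-nested documents before json.loads builds them (assumed limit: 64)."""
    depth = max_nesting_depth(text)
    if depth > max_depth:
        raise ValueError(f"JSON nesting depth {depth} exceeds limit {max_depth}")
    return json.loads(text)


def walk_recursive(node: Any, path: tuple = ()) -> list:
    """The CWE-674 pattern: one Python frame per nesting level, no depth check.
    Simplified stand-in for a recursive reader, not the library's own traversal."""
    if isinstance(node, dict):
        out = []
        for k, v in node.items():
            out.extend(walk_recursive(v, path + (k,)))
        return out
    if isinstance(node, list):
        out = []
        for i, v in enumerate(node):
            out.extend(walk_recursive(v, path + (str(i),)))
        return out
    return [("/".join(path), node)]


def walk_iterative(node: Any) -> list:
    """Same flattening with an explicit heap-allocated stack: nesting depth is
    bounded by memory, not by sys.getrecursionlimit(). Children are pushed in
    reverse so leaves come out in the same order as the recursive walker."""
    out, stack = [], [(node, ())]
    while stack:
        n, path = stack.pop()
        if isinstance(n, dict):
            stack.extend(reversed([(v, path + (k,)) for k, v in n.items()]))
        elif isinstance(n, list):
            stack.extend(reversed([(v, path + (str(i),)) for i, v in enumerate(n)]))
        else:
            out.append(("/".join(path), n))
    return out


def recursive_walk_overflows(depth: int) -> bool:
    """True if the recursive walker hits RecursionError on a document of this depth."""
    try:
        walk_recursive(build_nested_obj(depth))
        return False
    except RecursionError:
        return True


if __name__ == "__main__":
    print("recursive, depth 20  :", "RecursionError" if recursive_walk_overflows(20) else "ok")
    print("recursive, depth 5000:", "RecursionError" if recursive_walk_overflows(5000) else "ok")
    print("iterative, depth 5000:", len(walk_iterative(build_nested_obj(5000))), "leaf")
    try:
        load_json_bounded(build_nested_json(500), max_depth=64)
    except ValueError as e:
        print("pre-check:", e)
```

The pre-check is the cheap control to put at the ingestion boundary: it costs one pass over the bytes and rejects an oversized document before any tree is built, so it protects every downstream consumer, not just one reader. The iterative walker is the structural fix for code that must accept deep documents; it trades call-stack depth for heap, which is bounded by ordinary memory limits rather than by an interpreter constant.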

Responsible

@huntr Ai

Reservation

05/28/2025

Disclosure

08/26/2025

Moderation

accepted

CPE

ready

EPSS

0.00260

KEV

no

Activities

very low
