CVE-2025-1752 – This CVE describes a Denial of Service vulnerab... (How to Fix)

Q: What is the severity of CVE-2025-1752?

CVE-2025-1752 has a CVSS score of 7.5 (HIGH). This CVE describes a Denial of Service vulnerability in the run-llama/llama_index project's KnowledgeBaseWebReader class. Attackers can crash Python processes by exploiting improper recursion limit handling in the get_article_urls function. Users of llama_index version ~0.12.15 are affected.

📋 TL;DR

This CVE describes a Denial of Service vulnerability in the run-llama/llama_index project's KnowledgeBaseWebReader class. Attackers can crash Python processes by exploiting improper recursion limit handling in the get_article_urls function. Users of llama_index version ~0.12.15 are affected.

💻 Affected Systems

Products:

run-llama/llama_index

Versions: ~0.12.15

Operating Systems: All platforms running Python

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems using the KnowledgeBaseWebReader class functionality.

📦 What is this software?

Llamaindex by Llamaindex

View all CVEs affecting Llamaindex →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete service disruption through Python process crashes, potentially affecting multiple services if llama_index is used in critical applications.

🟠

Likely Case

Service degradation or temporary unavailability when targeted by DoS attacks, requiring process restarts.

🟢

If Mitigated

Minimal impact with proper input validation and recursion limits in place.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploit requires access to trigger the vulnerable function, which may be exposed through web interfaces or API endpoints.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in commit 3c65db2947271de3bd1927dc66a044da385de4da

Vendor Advisory: https://github.com/run-llama/llama_index/commit/3c65db2947271de3bd1927dc66a044da385de4da

Restart Required: Yes

Instructions:

1. Update llama_index to latest version. 2. Restart all Python processes using llama_index. 3. Verify the fix by checking the commit hash includes 3c65db2.

🔧 Temporary Workarounds

Implement recursion limit wrapper

all

Wrap get_article_urls calls with sys.setrecursionlimit() and try/except blocks

import sys
sys.setrecursionlimit(1000)

Disable vulnerable functionality

all

Temporarily disable or restrict access to KnowledgeBaseWebReader features

🧯 If You Can't Patch

Implement rate limiting on endpoints using KnowledgeBaseWebReader
Deploy behind WAF with DoS protection rules

🔍 How to Verify

Check if Vulnerable:

Check if using llama_index version ~0.12.15 and if KnowledgeBaseWebReader is imported/used

Check Version:

pip show llama_index | grep Version

Verify Fix Applied:

Verify commit hash includes 3c65db2947271de3bd1927dc66a044da385de4da

📡 Detection & Monitoring

Log Indicators:

Python recursion limit errors
Process crashes with RecursionError
Unusual repeated calls to web reader endpoints

Network Indicators:

High volume of requests to KnowledgeBaseWebReader endpoints
Pattern of requests designed to trigger recursion

SIEM Query:

source="application.logs" AND ("RecursionError" OR "maximum recursion depth exceeded") AND process="python"

📊 Metadata

CVE ID: CVE-2025-1752

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-674

EPSS Score: 0.06% exploit probability (17.6th percentile)

Published: May 10, 2025

Last Updated: October 15, 2025

🔗 References

https://github.com/run-llama/llama_index/commit/3c65db2947271de3bd1927dc66a044da385de4da Patch
https://huntr.com/bounties/cd7b9082-7d75-42e4-84f5-dbee23cbc467 Exploit,Third Party Advisory
https://huntr.com/bounties/cd7b9082-7d75-42e4-84f5-dbee23cbc467 Exploit,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-1752, you might also want to check these: