CVE-2025-3225: LlamaIndex has an XML Entity Expansion vulnerability in its sitemap parser

July 7, 2025

An XML Entity Expansion vulnerability, also known as a ‘billion laughs’ attack, exists in the sitemap parser of the run-llama/llama_index repository, specifically affecting the Papers Loaders package before version 0.3.2 (in llama-index v0.10.0 and above through v0.12.29). This vulnerability allows an attacker to supply a malicious Sitemap XML, leading to a Denial of Service (DoS) by exhausting system memory and potentially causing a system crash. The issue is resolved in version 0.3.2 (in llama-index 0.12.29).

References

github.com/advisories/GHSA-w42r-mrx7-c633
github.com/run-llama/llama_index
github.com/run-llama/llama_index/commit/4f6ee062b19212106a2632af9c9521fc7f0a3584
huntr.com/bounties/e33c0699-e9a2-49aa-837b-5363205637a2
nvd.nist.gov/vuln/detail/CVE-2025-3225

Code Behaviors & Features

Detect and mitigate CVE-2025-3225 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →