CVE-2025-3225 — LlamaIndex has an XML Entity Expansion vulnerability in its sitemap parser

Description

An XML Entity Expansion vulnerability, also known as a 'billion laughs' attack, exists in the sitemap parser of the run-llama/llama_index repository, specifically affecting the Papers Loaders package before version 0.3.2 (in llama-index v0.10.0 and above through v0.12.29). This vulnerability allows an attacker to supply a malicious Sitemap XML, leading to a Denial of Service (DoS) by exhausting system memory and potentially causing a system crash. The issue is resolved in version 0.3.2 (in llama-index 0.12.29).

How to fix CVE-2025-3225

To remediate CVE-2025-3225, upgrade the affected package to a fixed version below.

—upgrade to 0.3.2 or later

Is CVE-2025-3225 being exploited?

Low — EPSS is 0.3%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

from 0, < 0.3.2

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH7.5	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References (4)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2025-3225
PATCHgithub.com/run-llama/llama_index
WEBgithub.com/run-llama/llama_index/commit/4f6ee062b19212106a2632af9c9521fc7f0a3584
WEBhuntr.com/bounties/e33c0699-e9a2-49aa-837b-5363205637a2