4 matches found
GHSA-X75H-M6JJ-6CJ2 Llama Stack could potentially allow for remote code execution
Llama Stack prior to version v0.2.20 accepted unverified parameters in the resolveastbytype function which could potentially allow for remote code execution...
CVE-2025-55178
Summary: Llama Stack versions prior to 0.2.20 are reported to be vulnerable to remote code execution due to unverified parameters accepted by the resolve_ast_by_type function. This root cause is consistently described across multiple sources (CVE-2025-55178 entries and related advisories). Affect...
PT-2025-39321
Name of the Vulnerable Software and Affected Versions Llama Stack versions prior to 0.2.20 Description The software accepts unverified parameters in the resolve ast by type function, which may allow for remote code execution. Recommendations Update to version 0.2.20 or later...
Llama Stack 安全漏洞
Llama Stack is a model component of the Llama Stack API open-sourced by Meta Llama. A security vulnerability exists in Llama Stack versions prior to v0.2.20, which stems from the resolveastbytype function accepting unvalidated parameters, which could lead to remote code execution...