Lucene search
K

4 matches found

OSV
OSV
added 2025/09/24 9:30 p.m.3 views

GHSA-X75H-M6JJ-6CJ2 Llama Stack could potentially allow for remote code execution

Llama Stack prior to version v0.2.20 accepted unverified parameters in the resolveastbytype function which could potentially allow for remote code execution...

5.3CVSS8AI score0.0047EPSS
Exploits0References6
CVE
CVE
added 2025/09/24 6:31 p.m.14 views

CVE-2025-55178

Summary: Llama Stack versions prior to 0.2.20 are reported to be vulnerable to remote code execution due to unverified parameters accepted by the resolve_ast_by_type function. This root cause is consistently described across multiple sources (CVE-2025-55178 entries and related advisories). Affect...

5.3CVSS7.6AI score0.0047EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/09/24 12:0 a.m.4 views

PT-2025-39321

Name of the Vulnerable Software and Affected Versions Llama Stack versions prior to 0.2.20 Description The software accepts unverified parameters in the resolve ast by type function, which may allow for remote code execution. Recommendations Update to version 0.2.20 or later...

5.3CVSS7.7AI score0.0047EPSS
Exploits0References11
CNNVD
CNNVD
added 2025/09/24 12:0 a.m.3 views

Llama Stack 安全漏洞

Llama Stack is a model component of the Llama Stack API open-sourced by Meta Llama. A security vulnerability exists in Llama Stack versions prior to v0.2.20, which stems from the resolveastbytype function accepting unvalidated parameters, which could lead to remote code execution...

5.3CVSS7.5AI score0.0047EPSS
Exploits0References3
Rows per page
Query Builder