Deserialization of Untrusted Data
Overview llama-stack is a Llama Stack Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to the use of pickle as a serialization format for socket communication. An attacker can execute arbitrary code by sending maliciously crafted data that is deserialized...