CVE-2025-55178
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-09-24
Last updated on: 2025-09-26
Assigner: Facebook, Inc.
Description
Description
Llama Stack prior to version v0.2.20 accepted unverified parameters in the resolve_ast_by_type function which could potentially allow for remote code execution.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| meta_platforms | llama_stack | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in Llama Stack versions prior to v0.2.20 involves the resolve_ast_by_type function accepting unverified parameters, which could potentially allow an attacker to execute code remotely.
How can this vulnerability impact me? :
The vulnerability could allow remote code execution, meaning an attacker might run malicious code on your system without authorization, potentially compromising system integrity or security.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70