CVE-2024-50050

MEDIUM 6.3

CVSS Score

6.3

EPSS Score

0.0%

EPSS Percentile

0th

Llama Stack prior to revision 7a8aa775e5a267cf8660d83140011a0b7f91e005 used pickle as a serialization format for socket communication, potentially allowing for remote code execution. Socket communication has been changed to use JSON instead.

Vendor	meta platforms, inc
Product	llama stack
Published	Oct 23, 2024
Last Updated	Oct 24, 2024

Stay Ahead of the Next One

Get instant alerts for meta platforms, inc llama stack

Be the first to know when new medium vulnerabilities affecting meta platforms, inc llama stack are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Meta Platforms, Inc / Llama Stack

0 < 7a8aa775e5a267cf8660d83140011a0b7f91e005

References

NVD ↗ CVE.org ↗ EPSS Data ↗

facebook.com: https://www.facebook.com/security/advisories/cve-2024-50050