Llama Stack prior to revision 7a8aa775e5a267cf8660d83140011a0b7f91e005 used pickle as a serialization format for socket communication, potentially allowing for remote code execution. Socket communication has been changed to use JSON instead.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.facebook.com/security/advisories/cve-2024-50050 |
![]() ![]() |
History
Thu, 24 Oct 2024 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Meta Platforms Inc
Meta Platforms Inc llama Stack |
|
CPEs | cpe:2.3:a:meta_platforms_inc:llama_stack:*:*:*:*:*:*:*:* | |
Vendors & Products |
Meta Platforms Inc
Meta Platforms Inc llama Stack |
|
Metrics |
cvssV3_1
|
Wed, 23 Oct 2024 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Llama Stack prior to revision 7a8aa775e5a267cf8660d83140011a0b7f91e005 used pickle as a serialization format for socket communication, potentially allowing for remote code execution. Socket communication has been changed to use JSON instead. | |
References |
|

Status: PUBLISHED
Assigner: facebook
Published: 2024-10-23T13:35:17.320Z
Updated: 2024-10-24T18:26:22.699Z
Reserved: 2024-10-21T15:18:52.624Z
Link: CVE-2024-50050

Updated: 2024-10-24T18:26:08.699Z

Status : Awaiting Analysis
Published: 2024-10-23T14:15:05.087
Modified: 2024-10-24T19:35:08.107
Link: CVE-2024-50050

No data.