{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-55178", "assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827", "state": "PUBLISHED", "assignerShortName": "Meta", "dateReserved": "2025-08-08T18:21:47.119Z", "datePublished": "2025-09-24T18:31:28.309Z", "dateUpdated": "2025-09-24T18:50:01.680Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Llama Stack", "vendor": "Meta Platforms, Inc", "versions": [{"lessThan": "0.2.20", "status": "affected", "version": "0.0.0", "versionType": "semver"}]}], "dateAssigned": "2025-09-15T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Llama Stack prior to version v0.2.20 accepted unverified parameters in the resolve_ast_by_type function which could potentially allow for remote code execution."}], "problemTypes": [{"descriptions": [{"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en"}]}], "providerMetadata": {"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827", "shortName": "Meta", "dateUpdated": "2025-09-24T18:31:28.309Z"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.facebook.com/security/advisories/cve-2025-55178"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/llamastack/llama-stack/pull/3281"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/llamastack/llama-stack/releases/tag/v0.2.20"}]}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-09-24T18:49:33.013687Z", "id": "CVE-2025-55178", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-24T18:50:01.680Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-55178", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-09-24T18:49:33.013687Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-24T18:49:44.747Z"}}], "cna": {"affected": [{"vendor": "Meta Platforms, Inc", "product": "Llama Stack", "versions": [{"status": "affected", "version": "0.0.0", "lessThan": "0.2.20", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.facebook.com/security/advisories/cve-2025-55178", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/llamastack/llama-stack/pull/3281", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/llamastack/llama-stack/releases/tag/v0.2.20", "tags": ["x_refsource_CONFIRM"]}], "dateAssigned": "2025-09-15T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Llama Stack prior to version v0.2.20 accepted unverified parameters in the resolve_ast_by_type function which could potentially allow for remote code execution."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "providerMetadata": {"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827", "shortName": "Meta", "dateUpdated": "2025-09-24T18:31:28.309Z"}}}, "cveMetadata": {"cveId": "CVE-2025-55178", "state": "PUBLISHED", "dateUpdated": "2025-09-24T18:50:01.680Z", "dateReserved": "2025-08-08T18:21:47.119Z", "assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827", "datePublished": "2025-09-24T18:31:28.309Z", "assignerShortName": "Meta"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Llama Stack prior to version v0.2.20 accepted unverified parameters in the resolve_ast_by_type function which could potentially allow for remote code execution."}, {"lang": "es", "value": "Llama Stack anterior a la versi\u00f3n v0.2.20 aceptaba par\u00e1metros no verificados en la funci\u00f3n resolve_ast_by_type, lo que potencialmente podr\u00eda permitir la ejecuci\u00f3n remota de c\u00f3digo."}], "id": "CVE-2025-55178", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-09-24T19:15:36.467", "references": [{"source": "cve-assign@fb.com", "url": "https://github.com/llamastack/llama-stack/pull/3281"}, {"source": "cve-assign@fb.com", "url": "https://github.com/llamastack/llama-stack/releases/tag/v0.2.20"}, {"source": "cve-assign@fb.com", "url": "https://www.facebook.com/security/advisories/cve-2025-55178"}], "sourceIdentifier": "cve-assign@fb.com", "vulnStatus": "Deferred"}

{"bugzilla": {"description": "llama-stack: llama stack unverified input", "id": "2397906", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397906"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "status": "draft"}, "cwe": "CWE-20", "details": ["Llama Stack prior to version v0.2.20 accepted unverified parameters in the resolve_ast_by_type function which could potentially allow for remote code execution."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-55178", "package_state": [{"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-llama-stack-core-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}], "public_date": "2025-09-24T18:31:28Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-55178\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-55178\nhttps://github.com/llamastack/llama-stack/pull/3281\nhttps://github.com/llamastack/llama-stack/releases/tag/v0.2.20\nhttps://www.facebook.com/security/advisories/cve-2025-55178"], "threat_severity": "Moderate"}

{"created": "2025-09-25T08:21:09.421153+00:00", "updated": "2025-09-25T08:21:09.421208+00:00", "vendors": ["meta_platforms_inc", "meta_platforms_inc$PRODUCT$llama_stack"]}