{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-55178", "assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827", "state": "PUBLISHED", "assignerShortName": "Meta", "dateReserved": "2025-08-08T18:21:47.119Z", "datePublished": "2025-09-24T18:31:28.309Z", "dateUpdated": "2025-09-24T18:50:01.680Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Llama Stack", "vendor": "Meta Platforms, Inc", "versions": [{"lessThan": "0.2.20", "status": "affected", "version": "0.0.0", "versionType": "semver"}]}], "dateAssigned": "2025-09-15T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Llama Stack prior to version v0.2.20 accepted unverified parameters in the resolve_ast_by_type function which could potentially allow for remote code execution."}], "problemTypes": [{"descriptions": [{"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en"}]}], "providerMetadata": {"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827", "shortName": "Meta", "dateUpdated": "2025-09-24T18:31:28.309Z"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.facebook.com/security/advisories/cve-2025-55178"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/llamastack/llama-stack/pull/3281"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/llamastack/llama-stack/releases/tag/v0.2.20"}]}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-09-24T18:49:33.013687Z", "id": "CVE-2025-55178", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-24T18:50:01.680Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-55178", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-09-24T18:49:33.013687Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-24T18:49:44.747Z"}}], "cna": {"affected": [{"vendor": "Meta Platforms, Inc", "product": "Llama Stack", "versions": [{"status": "affected", "version": "0.0.0", "lessThan": "0.2.20", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.facebook.com/security/advisories/cve-2025-55178", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/llamastack/llama-stack/pull/3281", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/llamastack/llama-stack/releases/tag/v0.2.20", "tags": ["x_refsource_CONFIRM"]}], "dateAssigned": "2025-09-15T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Llama Stack prior to version v0.2.20 accepted unverified parameters in the resolve_ast_by_type function which could potentially allow for remote code execution."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "providerMetadata": {"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827", "shortName": "Meta", "dateUpdated": "2025-09-24T18:31:28.309Z"}}}, "cveMetadata": {"cveId": "CVE-2025-55178", "state": "PUBLISHED", "dateUpdated": "2025-09-24T18:50:01.680Z", "dateReserved": "2025-08-08T18:21:47.119Z", "assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827", "datePublished": "2025-09-24T18:31:28.309Z", "assignerShortName": "Meta"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Llama Stack prior to version v0.2.20 accepted unverified parameters in the resolve_ast_by_type function which could potentially allow for remote code execution."}], "id": "CVE-2025-55178", "lastModified": "2025-09-26T14:32:53.583", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-09-24T19:15:36.467", "references": [{"source": "cve-assign@fb.com", "url": "https://github.com/llamastack/llama-stack/pull/3281"}, {"source": "cve-assign@fb.com", "url": "https://github.com/llamastack/llama-stack/releases/tag/v0.2.20"}, {"source": "cve-assign@fb.com", "url": "https://www.facebook.com/security/advisories/cve-2025-55178"}], "sourceIdentifier": "cve-assign@fb.com", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "llama-stack: llama stack unverified input", "id": "2397906", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397906"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "status": "draft"}, "cwe": "CWE-20", "details": ["Llama Stack prior to version v0.2.20 accepted unverified parameters in the resolve_ast_by_type function which could potentially allow for remote code execution."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-55178", "package_state": [{"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-llama-stack-core-rhel9", "product_name": "Red Hat OpenShift AI (RHOAI)"}], "public_date": "2025-09-24T18:31:28Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-55178\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-55178\nhttps://github.com/llamastack/llama-stack/pull/3281\nhttps://github.com/llamastack/llama-stack/releases/tag/v0.2.20\nhttps://www.facebook.com/security/advisories/cve-2025-55178"], "threat_severity": "Moderate"}

{"created": "2025-09-25T08:21:09.421153+00:00", "updated": "2025-09-25T08:21:09.421208+00:00", "vendors": ["meta_platforms_inc", "meta_platforms_inc$PRODUCT$llama_stack"]}