CVE-2024-50050 PoC — Llama Stack 安全漏洞

Source

https://github.com/sastraadiwiguna-purpleeliteteaming/LlamaStack-RCE-Deterministic-Supply-Chain-Exploitation-Hardening-Framework-CVE-2024-50050-

Associated Vulnerability

Title:Llama Stack 安全漏洞 (CVE-2024-50050)
Description:Llama Stack是Meta Llama开源的一个 Llama Stack API 的模型组件。 Llama Stack 7a8aa775e5a267cf8660d83140011a0b7f91e005之前版本存在安全漏洞，该漏洞源于使用pickle作为套接字通信的序列化格式，可能允许远程代码执行。

Description

LlamaStack-RCE: Deterministic Supply Chain Exploitation & Hardening Framework [CVE-2024-50050] Focus on AI Security Research AI-SupplyChain-Poisoning: Advanced PVM Opcode Manipulation & ZeroMQ Injection Lab

File Snapshot


 None

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!