@securityrss.bsky.social on Bluesky

JavaScript RequiredThis is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is. Learn more about Bluesky at bsky.social and atproto.com.

Post

securityrss.ai

securityrss.bsky.social

did:plc:geidqukzen75knciqkq77vgq

A high-severity vulnerability in Meta's Llama framework, tracked as CVE-2024-50050, allows remote code execution via deserialization of untrusted data. Assigned a CVSS score of 6.3, Snyk rates it critical at 9.3. The flaw exists in the Python Inference API, which uses the risky pickle format. https://thehackernews.com/2025/01/metas-llama-framework-flaw-exposes-ai.html

2025-01-27T16:37:56.958Z