Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/707802?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/707802?format=api", "purl": "pkg:pypi/litellm@1.15.10", "type": "pypi", "namespace": "", "name": "litellm", "version": "1.15.10", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1.83.10", "latest_non_vulnerable_version": "1.83.10", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/358609?format=api", "vulnerability_id": "VCID-29vc-8g8f-zbf4", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10188", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50768", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50901", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50917", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10188" }, { "reference_url": "https://github.com/BerriAI/litellm", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm" }, { "reference_url": "https://github.com/berriai/litellm/commit/21156ff5d0d84a7dd93f951ca033275c77e4f73c", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/berriai/litellm/commit/21156ff5d0d84a7dd93f951ca033275c77e4f73c" }, { "reference_url": "https://huntr.com/bounties/96a32812-213c-4819-ba4e-36143d35e95b", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://huntr.com/bounties/96a32812-213c-4819-ba4e-36143d35e95b" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10188", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10188" }, { "reference_url": "https://github.com/advisories/GHSA-gw2q-qw9j-rgv7", "reference_id": "GHSA-gw2q-qw9j-rgv7", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-gw2q-qw9j-rgv7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377832?format=api", "purl": "pkg:pypi/litellm@1.53.1.dev1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-362j-e9vs-73gg" }, { "vulnerability": "VCID-efwj-d5hx-kye8" }, { "vulnerability": "VCID-jw3v-fdn2-bugj" }, { "vulnerability": "VCID-tssn-kdqp-jbez" }, { "vulnerability": "VCID-vc9h-2h9t-v3bs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/litellm@1.53.1.dev1" } ], "aliases": [ "CVE-2024-10188", "GHSA-gw2q-qw9j-rgv7" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-29vc-8g8f-zbf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71801?format=api", "vulnerability_id": "VCID-362j-e9vs-73gg", "summary": "LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.0, when JWT authentication is enabled (enable_jwt_auth: true), the OIDC userinfo cache uses token[:20] as the cache key. JWT headers produced by the same signing algorithm generate identical first 20 characters. This configuration option is not enabled by default. Most instances are not affected. An unauthenticated attacker can craft a token whose first 20 characters match a legitimate user's cached token. On cache hit, the attacker inherits the legitimate user's identity and permissions. This affects deployments with JWT/OIDC authentication enabled. Fixed in v1.83.0.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35030.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35030.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35030", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.15613", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.15477", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20342", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35030" }, { "reference_url": "https://github.com/BerriAI/litellm", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35030", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35030" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455509", "reference_id": "2455509", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455509" }, { "reference_url": "https://github.com/advisories/GHSA-jjhc-v7c2-5hh6", "reference_id": "GHSA-jjhc-v7c2-5hh6", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jjhc-v7c2-5hh6" }, { "reference_url": "https://github.com/BerriAI/litellm/security/advisories/GHSA-jjhc-v7c2-5hh6", "reference_id": "GHSA-jjhc-v7c2-5hh6", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "9.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:24:02Z/" } ], "url": "https://github.com/BerriAI/litellm/security/advisories/GHSA-jjhc-v7c2-5hh6" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13545", "reference_id": "RHSA-2026:13545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13545" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/373348?format=api", "purl": "pkg:pypi/litellm@1.83.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-126s-vxje-v7f7" }, { "vulnerability": "VCID-2jce-k6vw-kbe6" }, { "vulnerability": "VCID-cgnq-9qen-6uh6" }, { "vulnerability": "VCID-hc27-fp8v-jue9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/litellm@1.83.0" } ], "aliases": [ "CVE-2026-35030", "GHSA-jjhc-v7c2-5hh6" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-362j-e9vs-73gg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47354?format=api", "vulnerability_id": "VCID-58cv-nn1s-qqdx", "summary": "A remote code execution (RCE) vulnerability exists in the berriai/litellm project due to improper control of the generation of code when using the `eval` function unsafely in the `litellm.get_secret()` method. Specifically, when the server utilizes Google KMS, untrusted data is passed to the `eval` function without any sanitization. Attackers can exploit this vulnerability by injecting malicious values into environment variables through the `/config/update` endpoint, which allows for the update of settings in `proxy_server_config.yaml`.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4264", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03284", "scoring_system": "epss", "scoring_elements": "0.87524", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.03284", "scoring_system": "epss", "scoring_elements": "0.87474", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.03284", "scoring_system": "epss", "scoring_elements": "0.87517", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4264" }, { "reference_url": "https://github.com/BerriAI/litellm", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm" }, { "reference_url": "https://github.com/BerriAI/litellm/blob/main/litellm/proxy/proxy_server.py#L2104-L2108", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm/blob/main/litellm/proxy/proxy_server.py#L2104-L2108" }, { "reference_url": "https://github.com/BerriAI/litellm/blob/main/litellm/proxy/proxy_server.py#L2118", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm/blob/main/litellm/proxy/proxy_server.py#L2118" }, { "reference_url": "https://github.com/BerriAI/litellm/blob/main/litellm/proxy/proxy_server.py#L2509-L2517", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm/blob/main/litellm/proxy/proxy_server.py#L2509-L2517" }, { "reference_url": "https://github.com/BerriAI/litellm/blob/main/litellm/proxy/proxy_server.py#L2562-L2577", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm/blob/main/litellm/proxy/proxy_server.py#L2562-L2577" }, { "reference_url": "https://github.com/BerriAI/litellm/blob/main/litellm/utils.py#L9867-L9885", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm/blob/main/litellm/utils.py#L9867-L9885" }, { "reference_url": "https://huntr.com/bounties/a3221b0c-6e25-4295-ab0f-042997e8fc61", "reference_id": "a3221b0c-6e25-4295-ab0f-042997e8fc61", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-08-05T19:26:40Z/" } ], "url": "https://huntr.com/bounties/a3221b0c-6e25-4295-ab0f-042997e8fc61" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4264", "reference_id": "CVE-2024-4264", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4264" }, { "reference_url": "https://github.com/advisories/GHSA-7ggm-4rjg-594w", "reference_id": "GHSA-7ggm-4rjg-594w", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7ggm-4rjg-594w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/707901?format=api", "purl": "pkg:pypi/litellm@1.28.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29vc-8g8f-zbf4" }, { "vulnerability": "VCID-362j-e9vs-73gg" }, { "vulnerability": "VCID-9euc-j2j6-7ba3" }, { "vulnerability": "VCID-ddyq-1w9w-6bg6" }, { "vulnerability": "VCID-dzdw-y87c-9fh7" }, { "vulnerability": "VCID-efwj-d5hx-kye8" }, { "vulnerability": "VCID-j4xv-tkgp-q7em" }, { "vulnerability": "VCID-jw3v-fdn2-bugj" }, { "vulnerability": "VCID-k2fv-6edv-q3gr" }, { "vulnerability": "VCID-mnn6-ght8-5bg1" }, { "vulnerability": "VCID-s1sj-yr6f-afdc" }, { "vulnerability": "VCID-tssn-kdqp-jbez" }, { "vulnerability": "VCID-vc9h-2h9t-v3bs" }, { "vulnerability": "VCID-vgkp-n2vv-k7c9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/litellm@1.28.13" } ], "aliases": [ "CVE-2024-4264", "GHSA-7ggm-4rjg-594w" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-58cv-nn1s-qqdx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47863?format=api", "vulnerability_id": "VCID-9euc-j2j6-7ba3", "summary": "BerriAI's litellm, in its latest version, is vulnerable to arbitrary file deletion due to improper input validation on the `/audio/transcriptions` endpoint. An attacker can exploit this vulnerability by sending a specially crafted request that includes a file path to the server, which then deletes the specified file without proper authorization or validation. This vulnerability is present in the code where `os.remove(file.filename)` is used to delete a file, allowing any user to delete critical files on the server such as SSH keys, SQLite databases, or configuration files.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4888", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18398", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.1842", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18233", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4888" }, { "reference_url": "https://github.com/BerriAI/litellm", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm" }, { "reference_url": "https://github.com/BerriAI/litellm/pull/3193", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm/pull/3193" }, { "reference_url": "https://huntr.com/bounties/48461d89-cf13-4ad3-a43e-0d37da08fc6c", "reference_id": "48461d89-cf13-4ad3-a43e-0d37da08fc6c", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-07T19:29:54Z/" } ], "url": "https://huntr.com/bounties/48461d89-cf13-4ad3-a43e-0d37da08fc6c" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4888", "reference_id": "CVE-2024-4888", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H" }, { "value": "7.0", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4888" }, { "reference_url": "https://github.com/advisories/GHSA-3xr8-qfvj-9p9j", "reference_id": "GHSA-3xr8-qfvj-9p9j", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3xr8-qfvj-9p9j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32043?format=api", "purl": "pkg:pypi/litellm@1.35.36", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29vc-8g8f-zbf4" }, { "vulnerability": "VCID-362j-e9vs-73gg" }, { "vulnerability": "VCID-ddyq-1w9w-6bg6" }, { "vulnerability": "VCID-efwj-d5hx-kye8" }, { "vulnerability": "VCID-j4xv-tkgp-q7em" }, { "vulnerability": "VCID-jw3v-fdn2-bugj" }, { "vulnerability": "VCID-k2fv-6edv-q3gr" }, { "vulnerability": "VCID-mnn6-ght8-5bg1" }, { "vulnerability": "VCID-s1sj-yr6f-afdc" }, { "vulnerability": "VCID-tssn-kdqp-jbez" }, { "vulnerability": "VCID-vc9h-2h9t-v3bs" }, { "vulnerability": "VCID-vgkp-n2vv-k7c9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/litellm@1.35.36" } ], "aliases": [ "CVE-2024-4888", "GHSA-3xr8-qfvj-9p9j" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9euc-j2j6-7ba3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39046?format=api", "vulnerability_id": "VCID-ddyq-1w9w-6bg6", "summary": "berriai/litellm version 1.34.34 is vulnerable to improper access control in its team management functionality. This vulnerability allows attackers to perform unauthorized actions such as creating, updating, viewing, deleting, blocking, and unblocking any teams, as well as adding or deleting any member to or from any teams. The vulnerability stems from insufficient access control checks in various team management endpoints, enabling attackers to exploit these functionalities without proper authorization.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5710", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24233", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24029", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24225", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5710" }, { "reference_url": "https://github.com/berriai/litellm", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/berriai/litellm" }, { "reference_url": "https://github.com/BerriAI/litellm/blob/224148d6133ee50801cb129cbd21ccc213992e25/litellm/proxy/auth/user_api_key_auth.py#L1020", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm/blob/224148d6133ee50801cb129cbd21ccc213992e25/litellm/proxy/auth/user_api_key_auth.py#L1020" }, { "reference_url": "https://github.com/BerriAI/litellm/commit/da3ae00bd68f451ed8ddf0bc0a9fd34bde5554d6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm/commit/da3ae00bd68f451ed8ddf0bc0a9fd34bde5554d6" }, { "reference_url": "https://huntr.com/bounties/70897f59-a966-4d93-b71e-745e3da91970", "reference_id": "70897f59-a966-4d93-b71e-745e3da91970", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-27T19:53:47Z/" } ], "url": "https://huntr.com/bounties/70897f59-a966-4d93-b71e-745e3da91970" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5710", "reference_id": "CVE-2024-5710", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5710" }, { "reference_url": "https://github.com/advisories/GHSA-qqcv-vg9f-5rr3", "reference_id": "GHSA-qqcv-vg9f-5rr3", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qqcv-vg9f-5rr3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32316?format=api", "purl": "pkg:pypi/litellm@1.40.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29vc-8g8f-zbf4" }, { "vulnerability": "VCID-362j-e9vs-73gg" }, { "vulnerability": "VCID-ddyq-1w9w-6bg6" }, { "vulnerability": "VCID-efwj-d5hx-kye8" }, { "vulnerability": "VCID-j4xv-tkgp-q7em" }, { "vulnerability": "VCID-jw3v-fdn2-bugj" }, { "vulnerability": "VCID-k2fv-6edv-q3gr" }, { "vulnerability": "VCID-mnn6-ght8-5bg1" }, { "vulnerability": "VCID-s1sj-yr6f-afdc" }, { "vulnerability": "VCID-tssn-kdqp-jbez" }, { "vulnerability": "VCID-vc9h-2h9t-v3bs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/litellm@1.40.15" } ], "aliases": [ "CVE-2024-5710", "GHSA-qqcv-vg9f-5rr3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ddyq-1w9w-6bg6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63758?format=api", "vulnerability_id": "VCID-dzdw-y87c-9fh7", "summary": "BerriAI/litellm is vulnerable to Server-Side Template Injection (SSTI) via the `/completions` endpoint. The vulnerability arises from the `hf_chat_template` method processing the `chat_template` parameter from the `tokenizer_config.json` file through the Jinja template engine without proper sanitization. Attackers can exploit this by crafting malicious `tokenizer_config.json` files that execute arbitrary code on the server.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2952", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01434", "scoring_system": "epss", "scoring_elements": "0.81109", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01434", "scoring_system": "epss", "scoring_elements": "0.81177", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01434", "scoring_system": "epss", "scoring_elements": "0.81169", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2952" }, { "reference_url": "https://github.com/BerriAI/litellm", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm" }, { "reference_url": "https://github.com/BerriAI/litellm/blob/0d803e13798db40aa7463e64a6bafaee386424f5/litellm/proxy/proxy_server.py#L2087", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm/blob/0d803e13798db40aa7463e64a6bafaee386424f5/litellm/proxy/proxy_server.py#L2087" }, { "reference_url": "https://github.com/BerriAI/litellm/commit/8a1cdc901708b07b7ff4eca20f9cb0f1f0e8d0b3", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm/commit/8a1cdc901708b07b7ff4eca20f9cb0f1f0e8d0b3" }, { "reference_url": "https://github.com/BerriAI/litellm/issues/2949", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm/issues/2949" }, { "reference_url": "https://github.com/BerriAI/litellm/pull/2941", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm/pull/2941" }, { "reference_url": "https://github.com/berriai/litellm/commit/8a1cdc901708b07b7ff4eca20f9cb0f1f0e8d0b3", "reference_id": "8a1cdc901708b07b7ff4eca20f9cb0f1f0e8d0b3", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-07-03T15:32:17Z/" } ], "url": "https://github.com/berriai/litellm/commit/8a1cdc901708b07b7ff4eca20f9cb0f1f0e8d0b3" }, { "reference_url": "https://huntr.com/bounties/a9e0a164-6de0-43a4-a640-0cbfb54220a4", "reference_id": "a9e0a164-6de0-43a4-a640-0cbfb54220a4", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-07-03T15:32:17Z/" } ], "url": "https://huntr.com/bounties/a9e0a164-6de0-43a4-a640-0cbfb54220a4" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2952", "reference_id": "CVE-2024-2952", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2952" }, { "reference_url": "https://github.com/advisories/GHSA-46cm-pfwv-cgf8", "reference_id": "GHSA-46cm-pfwv-cgf8", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-46cm-pfwv-cgf8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/707939?format=api", "purl": "pkg:pypi/litellm@1.34.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29vc-8g8f-zbf4" }, { "vulnerability": "VCID-362j-e9vs-73gg" }, { "vulnerability": "VCID-9euc-j2j6-7ba3" }, { "vulnerability": "VCID-ddyq-1w9w-6bg6" }, { "vulnerability": "VCID-efwj-d5hx-kye8" }, { "vulnerability": "VCID-j4xv-tkgp-q7em" }, { "vulnerability": "VCID-jw3v-fdn2-bugj" }, { "vulnerability": "VCID-k2fv-6edv-q3gr" }, { "vulnerability": "VCID-mnn6-ght8-5bg1" }, { "vulnerability": "VCID-s1sj-yr6f-afdc" }, { "vulnerability": "VCID-tssn-kdqp-jbez" }, { "vulnerability": "VCID-vc9h-2h9t-v3bs" }, { "vulnerability": "VCID-vgkp-n2vv-k7c9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/litellm@1.34.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/30315?format=api", "purl": "pkg:pypi/litellm@1.34.42", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29vc-8g8f-zbf4" }, { "vulnerability": "VCID-362j-e9vs-73gg" }, { "vulnerability": "VCID-9euc-j2j6-7ba3" }, { "vulnerability": "VCID-ddyq-1w9w-6bg6" }, { "vulnerability": "VCID-efwj-d5hx-kye8" }, { "vulnerability": "VCID-j4xv-tkgp-q7em" }, { "vulnerability": "VCID-jw3v-fdn2-bugj" }, { "vulnerability": "VCID-k2fv-6edv-q3gr" }, { "vulnerability": "VCID-mnn6-ght8-5bg1" }, { "vulnerability": "VCID-s1sj-yr6f-afdc" }, { "vulnerability": "VCID-tssn-kdqp-jbez" }, { "vulnerability": "VCID-vc9h-2h9t-v3bs" }, { "vulnerability": "VCID-vgkp-n2vv-k7c9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/litellm@1.34.42" } ], "aliases": [ "CVE-2024-2952", "GHSA-46cm-pfwv-cgf8" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dzdw-y87c-9fh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/120637?format=api", "vulnerability_id": "VCID-efwj-d5hx-kye8", "summary": "An improper authorization vulnerability exists in the main-latest version of BerriAI/litellm. When a user with the role 'internal_user_viewer' logs into the application, they are provided with an overly privileged API key. This key can be used to access all the admin functionality of the application, including endpoints such as '/users/list' and '/users/get_users'. This vulnerability allows for privilege escalation within the application, enabling any account to become a PROXY ADMIN.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0628", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.51171", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.51186", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.5104", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0628" }, { "reference_url": "https://github.com/BerriAI/litellm", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0628", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0628" }, { "reference_url": "https://github.com/berriai/litellm/commit/566d9354aab4215091b2e51ad0333e948125fa1b", "reference_id": "566d9354aab4215091b2e51ad0333e948125fa1b", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-20T17:49:22Z/" } ], "url": "https://github.com/berriai/litellm/commit/566d9354aab4215091b2e51ad0333e948125fa1b" }, { "reference_url": "https://huntr.com/bounties/6c0e2f75-2d03-42f9-9530-e16a973317fc", "reference_id": "6c0e2f75-2d03-42f9-9530-e16a973317fc", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-20T17:49:22Z/" } ], "url": "https://huntr.com/bounties/6c0e2f75-2d03-42f9-9530-e16a973317fc" }, { "reference_url": "https://github.com/advisories/GHSA-fjcf-3j3r-78rp", "reference_id": "GHSA-fjcf-3j3r-78rp", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-fjcf-3j3r-78rp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377928?format=api", "purl": "pkg:pypi/litellm@1.61.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-362j-e9vs-73gg" }, { "vulnerability": "VCID-jw3v-fdn2-bugj" }, { "vulnerability": "VCID-tssn-kdqp-jbez" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/litellm@1.61.15" } ], "aliases": [ "CVE-2025-0628", "GHSA-fjcf-3j3r-78rp" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-efwj-d5hx-kye8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/358726?format=api", "vulnerability_id": "VCID-j4xv-tkgp-q7em", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9606", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.4343", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43587", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43606", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9606" }, { "reference_url": "https://github.com/BerriAI/litellm", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm" }, { "reference_url": "https://github.com/berriai/litellm/commit/9094071c4782183e84f10630e2450be3db55509a", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/berriai/litellm/commit/9094071c4782183e84f10630e2450be3db55509a" }, { "reference_url": "https://huntr.com/bounties/4a03796f-a8d4-4293-84ef-d3959456223a", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://huntr.com/bounties/4a03796f-a8d4-4293-84ef-d3959456223a" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9606", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9606" }, { "reference_url": "https://github.com/advisories/GHSA-g5pg-73fc-hjwq", "reference_id": "GHSA-g5pg-73fc-hjwq", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-g5pg-73fc-hjwq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377857?format=api", "purl": "pkg:pypi/litellm@1.44.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29vc-8g8f-zbf4" }, { "vulnerability": "VCID-362j-e9vs-73gg" }, { "vulnerability": "VCID-efwj-d5hx-kye8" }, { "vulnerability": "VCID-jw3v-fdn2-bugj" }, { "vulnerability": "VCID-s1sj-yr6f-afdc" }, { "vulnerability": "VCID-tssn-kdqp-jbez" }, { "vulnerability": "VCID-vc9h-2h9t-v3bs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/litellm@1.44.12" } ], "aliases": [ "CVE-2024-9606", "GHSA-g5pg-73fc-hjwq" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j4xv-tkgp-q7em" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71576?format=api", "vulnerability_id": "VCID-jw3v-fdn2-bugj", "summary": "LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.0, the /config/update endpoint does not enforce admin role authorization. A user who is already authenticated into the platform can then use this endpoint to modify proxy configuration and environment variables, register custom pass-through endpoint handlers pointing to attacker-controlled Python code, achieving remote code execution, read arbitrary server files by setting UI_LOGO_PATH and fetching via /get_image, and take over other privileged accounts by overwriting UI_USERNAME and UI_PASSWORD environment variables. Fixed in v1.83.0.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35029.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35029.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35029", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.1938", "scoring_system": "epss", "scoring_elements": "0.95538", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.1938", "scoring_system": "epss", "scoring_elements": "0.95524", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.21671", "scoring_system": "epss", "scoring_elements": "0.95875", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-35029" }, { "reference_url": "http://seclists.org/fulldisclosure/2026/Apr/17", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2026/Apr/17" }, { "reference_url": "https://github.com/BerriAI/litellm", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35029", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35029" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455474", "reference_id": "2455474", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455474" }, { "reference_url": "https://github.com/advisories/GHSA-53mr-6c8q-9789", "reference_id": "GHSA-53mr-6c8q-9789", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-53mr-6c8q-9789" }, { "reference_url": "https://github.com/BerriAI/litellm/security/advisories/GHSA-53mr-6c8q-9789", "reference_id": "GHSA-53mr-6c8q-9789", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-06T18:41:02Z/" } ], "url": "https://github.com/BerriAI/litellm/security/advisories/GHSA-53mr-6c8q-9789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13545", "reference_id": "RHSA-2026:13545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13545" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/373348?format=api", "purl": "pkg:pypi/litellm@1.83.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-126s-vxje-v7f7" }, { "vulnerability": "VCID-2jce-k6vw-kbe6" }, { "vulnerability": "VCID-cgnq-9qen-6uh6" }, { "vulnerability": "VCID-hc27-fp8v-jue9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/litellm@1.83.0" } ], "aliases": [ "CVE-2026-35029", "GHSA-53mr-6c8q-9789" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jw3v-fdn2-bugj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38927?format=api", "vulnerability_id": "VCID-k2fv-6edv-q3gr", "summary": "BerriAI/litellm version v1.35.8 contains a vulnerability where an attacker can achieve remote code execution. The vulnerability exists in the `add_deployment` function, which decodes and decrypts environment variables from base64 and assigns them to `os.environ`. An attacker can exploit this by sending a malicious payload to the `/config/update` endpoint, which is then processed and executed by the server when the `get_secret` function is triggered. This requires the server to use Google KMS and a database to store a model.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5751", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05359", "scoring_system": "epss", "scoring_elements": "0.9033", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.05359", "scoring_system": "epss", "scoring_elements": "0.90292", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.05359", "scoring_system": "epss", "scoring_elements": "0.90322", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5751" }, { "reference_url": "https://github.com/berriai/litellm", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/berriai/litellm" }, { "reference_url": "https://github.com/BerriAI/litellm/commit/fcea4c22ad96b24436f196ae709f71932e84b0b8", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm/commit/fcea4c22ad96b24436f196ae709f71932e84b0b8" }, { "reference_url": "https://github.com/BerriAI/litellm/pull/4228", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm/pull/4228" }, { "reference_url": "https://huntr.com/bounties/ae623c2f-b64b-4245-9ed4-f13a0a5824ce", "reference_id": "ae623c2f-b64b-4245-9ed4-f13a0a5824ce", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-06-27T20:20:04Z/" } ], "url": "https://huntr.com/bounties/ae623c2f-b64b-4245-9ed4-f13a0a5824ce" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5751", "reference_id": "CVE-2024-5751", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5751" }, { "reference_url": "https://github.com/advisories/GHSA-gppg-gqw8-wh9g", "reference_id": "GHSA-gppg-gqw8-wh9g", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gppg-gqw8-wh9g" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32319?format=api", "purl": "pkg:pypi/litellm@1.40.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29vc-8g8f-zbf4" }, { "vulnerability": "VCID-362j-e9vs-73gg" }, { "vulnerability": "VCID-ddyq-1w9w-6bg6" }, { "vulnerability": "VCID-efwj-d5hx-kye8" }, { "vulnerability": "VCID-j4xv-tkgp-q7em" }, { "vulnerability": "VCID-jw3v-fdn2-bugj" }, { "vulnerability": "VCID-mnn6-ght8-5bg1" }, { "vulnerability": "VCID-s1sj-yr6f-afdc" }, { "vulnerability": "VCID-tssn-kdqp-jbez" }, { "vulnerability": "VCID-vc9h-2h9t-v3bs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/litellm@1.40.16" } ], "aliases": [ "CVE-2024-5751", "GHSA-gppg-gqw8-wh9g" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k2fv-6edv-q3gr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47862?format=api", "vulnerability_id": "VCID-kqcb-nxq1-abdq", "summary": "A blind SQL injection vulnerability exists in the berriai/litellm application, specifically within the '/team/update' process. The vulnerability arises due to the improper handling of the 'user_id' parameter in the raw SQL query used for deleting users. An attacker can exploit this vulnerability by injecting malicious SQL commands through the 'user_id' parameter, leading to potential unauthorized access to sensitive information such as API keys, user information, and tokens stored in the database. The affected version is 1.27.14.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4890", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20426", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20623", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20602", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4890" }, { "reference_url": "https://github.com/BerriAI/litellm", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm" }, { "reference_url": "https://github.com/BerriAI/litellm/pull/2954", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm/pull/2954" }, { "reference_url": "https://huntr.com/bounties/a4f6d357-5b44-4e00-9cac-f1cc351211d2", "reference_id": "a4f6d357-5b44-4e00-9cac-f1cc351211d2", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-07T19:35:28Z/" } ], "url": "https://huntr.com/bounties/a4f6d357-5b44-4e00-9cac-f1cc351211d2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4890", "reference_id": "CVE-2024-4890", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4890" }, { "reference_url": "https://github.com/advisories/GHSA-8j42-pcfm-3467", "reference_id": "GHSA-8j42-pcfm-3467", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8j42-pcfm-3467" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/707897?format=api", "purl": "pkg:pypi/litellm@1.28.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29vc-8g8f-zbf4" }, { "vulnerability": "VCID-362j-e9vs-73gg" }, { "vulnerability": "VCID-58cv-nn1s-qqdx" }, { "vulnerability": "VCID-9euc-j2j6-7ba3" }, { "vulnerability": "VCID-ddyq-1w9w-6bg6" }, { "vulnerability": "VCID-dzdw-y87c-9fh7" }, { "vulnerability": "VCID-efwj-d5hx-kye8" }, { "vulnerability": "VCID-j4xv-tkgp-q7em" }, { "vulnerability": "VCID-jw3v-fdn2-bugj" }, { "vulnerability": "VCID-k2fv-6edv-q3gr" }, { "vulnerability": "VCID-mnn6-ght8-5bg1" }, { "vulnerability": "VCID-s1sj-yr6f-afdc" }, { "vulnerability": "VCID-tssn-kdqp-jbez" }, { "vulnerability": "VCID-vc9h-2h9t-v3bs" }, { "vulnerability": "VCID-vgkp-n2vv-k7c9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/litellm@1.28.0" } ], "aliases": [ "CVE-2024-4890", "GHSA-8j42-pcfm-3467" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kqcb-nxq1-abdq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50456?format=api", "vulnerability_id": "VCID-mnn6-ght8-5bg1", "summary": "A Server-Side Request Forgery (SSRF) vulnerability exists in berriai/litellm version 1.38.10. This vulnerability allows users to specify the `api_base` parameter when making requests to `POST /chat/completions`, causing the application to send the request to the domain specified by `api_base`. This request includes the OpenAI API key. A malicious user can set the `api_base` to their own domain and intercept the OpenAI API key, leading to unauthorized access and potential misuse of the API key.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6587", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.88631", "scoring_system": "epss", "scoring_elements": "0.9953", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.88631", "scoring_system": "epss", "scoring_elements": "0.99528", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.88631", "scoring_system": "epss", "scoring_elements": "0.99529", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6587" }, { "reference_url": "https://github.com/berriai/litellm", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/berriai/litellm" }, { "reference_url": "https://huntr.com/bounties/4001e1a2-7b7a-4776-a3ae-e6692ec3d997", "reference_id": "4001e1a2-7b7a-4776-a3ae-e6692ec3d997", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T16:52:13Z/" } ], "url": "https://huntr.com/bounties/4001e1a2-7b7a-4776-a3ae-e6692ec3d997" }, { "reference_url": "https://github.com/berriai/litellm/commit/ba1912afd1b19e38d3704bb156adf887f91ae1e0", "reference_id": "ba1912afd1b19e38d3704bb156adf887f91ae1e0", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T16:52:13Z/" } ], "url": "https://github.com/berriai/litellm/commit/ba1912afd1b19e38d3704bb156adf887f91ae1e0" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6587", "reference_id": "CVE-2024-6587", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6587" }, { "reference_url": "https://github.com/advisories/GHSA-g26j-5385-hhw3", "reference_id": "GHSA-g26j-5385-hhw3", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-g26j-5385-hhw3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/33372?format=api", "purl": "pkg:pypi/litellm@1.44.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29vc-8g8f-zbf4" }, { "vulnerability": "VCID-362j-e9vs-73gg" }, { "vulnerability": "VCID-efwj-d5hx-kye8" }, { "vulnerability": "VCID-j4xv-tkgp-q7em" }, { "vulnerability": "VCID-jw3v-fdn2-bugj" }, { "vulnerability": "VCID-s1sj-yr6f-afdc" }, { "vulnerability": "VCID-tssn-kdqp-jbez" }, { "vulnerability": "VCID-vc9h-2h9t-v3bs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/litellm@1.44.8" } ], "aliases": [ "CVE-2024-6587", "GHSA-g26j-5385-hhw3" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mnn6-ght8-5bg1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/120702?format=api", "vulnerability_id": "VCID-s1sj-yr6f-afdc", "summary": "In berriai/litellm version v1.52.1, an issue in proxy_server.py causes the leakage of Langfuse API keys when an error occurs while parsing team settings. This vulnerability exposes sensitive information, including langfuse_secret and langfuse_public_key, which can provide full access to the Langfuse project storing all requests.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0330", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.59249", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.59261", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.59138", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0330" }, { "reference_url": "https://github.com/BerriAI/litellm", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0330", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0330" }, { "reference_url": "https://huntr.com/bounties/661b388a-44d8-4ad5-862b-4dc5b80be30a", "reference_id": "661b388a-44d8-4ad5-862b-4dc5b80be30a", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-20T17:53:38Z/" } ], "url": "https://huntr.com/bounties/661b388a-44d8-4ad5-862b-4dc5b80be30a" }, { "reference_url": "https://github.com/advisories/GHSA-879v-fggm-vxw2", "reference_id": "GHSA-879v-fggm-vxw2", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-879v-fggm-vxw2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/788154?format=api", "purl": "pkg:pypi/litellm@1.52.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29vc-8g8f-zbf4" }, { "vulnerability": "VCID-362j-e9vs-73gg" }, { "vulnerability": "VCID-efwj-d5hx-kye8" }, { "vulnerability": "VCID-jw3v-fdn2-bugj" }, { "vulnerability": "VCID-tssn-kdqp-jbez" }, { "vulnerability": "VCID-vc9h-2h9t-v3bs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/litellm@1.52.2" } ], "aliases": [ "CVE-2025-0330", "GHSA-879v-fggm-vxw2" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s1sj-yr6f-afdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/359769?format=api", "vulnerability_id": "VCID-tssn-kdqp-jbez", "summary": "LiteLLM: Password hash exposure and pass-the-hash authentication bypass\n### Impact\n\nThree issues combine into a full authentication bypass chain:\n\n1. Weak hashing: User passwords are stored as unsalted SHA-256 hashes, making them vulnerable to rainbow table attacks and trivially identifying users with identical passwords.\n2. Hash exposure: Multiple API endpoints (/user/info, /user/update, /spend/users) return the password hash field in responses to any authenticated user regardless of role. Plaintext passwords could also potentially be exposed in certain scenarios.\n4. Pass-the-hash: The /v2/login endpoint accepts the raw SHA-256 hash as a valid password without re-hashing, allowing direct login with a stolen\n\nAn already authenticated user can retrieve another user's password hash from the API and use it to log in as that user. This enables full privilege escalation in three HTTP requests.\n\n### Patches\n\nFixed in v1.83.0. Passwords are now hashed with scrypt (random 16-byte salt, n=16384, r=8, p=1). Password hashes are stripped from all API responses. Existing SHA-256 hashes are transparently migrated on next login.", "references": [ { "reference_url": "https://github.com/BerriAI/litellm", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm" }, { "reference_url": "https://github.com/BerriAI/litellm/security/advisories/GHSA-69x8-hrgq-fjj8", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "8.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm/security/advisories/GHSA-69x8-hrgq-fjj8" }, { "reference_url": "https://github.com/advisories/GHSA-69x8-hrgq-fjj8", "reference_id": "GHSA-69x8-hrgq-fjj8", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-69x8-hrgq-fjj8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/373348?format=api", "purl": "pkg:pypi/litellm@1.83.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-126s-vxje-v7f7" }, { "vulnerability": "VCID-2jce-k6vw-kbe6" }, { "vulnerability": "VCID-cgnq-9qen-6uh6" }, { "vulnerability": "VCID-hc27-fp8v-jue9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/litellm@1.83.0" } ], "aliases": [ "GHSA-69x8-hrgq-fjj8" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tssn-kdqp-jbez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34559?format=api", "vulnerability_id": "VCID-vc9h-2h9t-v3bs", "summary": "A Denial of Service (DoS) vulnerability exists in berriai/litellm version v1.44.5. This vulnerability can be exploited by appending characters, such as dashes (-), to the end of a multipart boundary in an HTTP request. The server continuously processes each character, leading to excessive resource consumption and rendering the service unavailable. The issue is unauthenticated and does not require any user interaction, impacting all users of the service.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8984", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00641", "scoring_system": "epss", "scoring_elements": "0.71167", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00641", "scoring_system": "epss", "scoring_elements": "0.71064", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00641", "scoring_system": "epss", "scoring_elements": "0.71154", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8984" }, { "reference_url": "https://github.com/BerriAI/litellm", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm" }, { "reference_url": "https://github.com/BerriAI/litellm/blob/8c5ff150f6142608ffe968e4e68429f978fda187/litellm/tests/test_spend_logs.py#L242", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm/blob/8c5ff150f6142608ffe968e4e68429f978fda187/litellm/tests/test_spend_logs.py#L242" }, { "reference_url": "https://github.com/BerriAI/litellm/commit/4f49f836aa844ac9b6bfbeff27e6f6b2b9cf3f61", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm/commit/4f49f836aa844ac9b6bfbeff27e6f6b2b9cf3f61" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8984", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8984" }, { "reference_url": "https://huntr.com/bounties/554fc76b-3097-4223-b4cf-110b853e9355", "reference_id": "554fc76b-3097-4223-b4cf-110b853e9355", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-20T17:54:05Z/" } ], "url": "https://huntr.com/bounties/554fc76b-3097-4223-b4cf-110b853e9355" }, { "reference_url": "https://github.com/advisories/GHSA-fh2c-86xm-pm2x", "reference_id": "GHSA-fh2c-86xm-pm2x", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-fh2c-86xm-pm2x" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/377974?format=api", "purl": "pkg:pypi/litellm@1.56.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-362j-e9vs-73gg" }, { "vulnerability": "VCID-efwj-d5hx-kye8" }, { "vulnerability": "VCID-jw3v-fdn2-bugj" }, { "vulnerability": "VCID-tssn-kdqp-jbez" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/litellm@1.56.2" } ], "aliases": [ "CVE-2024-8984", "GHSA-fh2c-86xm-pm2x" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vc9h-2h9t-v3bs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39199?format=api", "vulnerability_id": "VCID-vgkp-n2vv-k7c9", "summary": "An SQL Injection vulnerability exists in the berriai/litellm repository, specifically within the `/global/spend/logs` endpoint. The vulnerability arises due to improper neutralization of special elements used in an SQL command. The affected code constructs an SQL query by concatenating an unvalidated `api_key` parameter directly into the query, making it susceptible to SQL Injection if the `api_key` contains malicious data. This issue affects the latest version of the repository. Successful exploitation of this vulnerability could lead to unauthorized access, data manipulation, exposure of confidential information, and denial of service (DoS).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5225", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47999", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47842", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47983", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5225" }, { "reference_url": "https://github.com/BerriAI/litellm", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm" }, { "reference_url": "https://github.com/BerriAI/litellm/commit/f75c15d6cd535aa78014378ad532de1df6be2f56", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm/commit/f75c15d6cd535aa78014378ad532de1df6be2f56" }, { "reference_url": "https://github.com/BerriAI/litellm/pull/3940", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/BerriAI/litellm/pull/3940" }, { "reference_url": "https://huntr.com/bounties/491e4884-0306-4cd4-8fe2-9a19de33bf5c", "reference_id": "491e4884-0306-4cd4-8fe2-9a19de33bf5c", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" }, { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-06-06T20:15:02Z/" } ], "url": "https://huntr.com/bounties/491e4884-0306-4cd4-8fe2-9a19de33bf5c" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5225", "reference_id": "CVE-2024-5225", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5225" }, { "reference_url": "https://github.com/advisories/GHSA-h6m6-jj8v-94jj", "reference_id": "GHSA-h6m6-jj8v-94jj", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-h6m6-jj8v-94jj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/32040?format=api", "purl": "pkg:pypi/litellm@1.40.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29vc-8g8f-zbf4" }, { "vulnerability": "VCID-362j-e9vs-73gg" }, { "vulnerability": "VCID-ddyq-1w9w-6bg6" }, { "vulnerability": "VCID-efwj-d5hx-kye8" }, { "vulnerability": "VCID-j4xv-tkgp-q7em" }, { "vulnerability": "VCID-jw3v-fdn2-bugj" }, { "vulnerability": "VCID-k2fv-6edv-q3gr" }, { "vulnerability": "VCID-mnn6-ght8-5bg1" }, { "vulnerability": "VCID-s1sj-yr6f-afdc" }, { "vulnerability": "VCID-tssn-kdqp-jbez" }, { "vulnerability": "VCID-vc9h-2h9t-v3bs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/litellm@1.40.0" } ], "aliases": [ "CVE-2024-5225", "GHSA-h6m6-jj8v-94jj" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vgkp-n2vv-k7c9" } ], "fixing_vulnerabilities": [], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/litellm@1.15.10" }