Lookup for vulnerable packages by Package URL.

Purl pkg:pypi/litellm@1.65.6
Type pypi
Namespace
Name litellm
Version 1.65.6
Qualifiers
Subpath
Is_vulnerable true
Next_non_vulnerable_version 1.83.10
Latest_non_vulnerable_version 1.83.10
Affected_by_vulnerabilities
0
url VCID-362j-e9vs-73gg
vulnerability_id VCID-362j-e9vs-73gg
summary LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.0, when JWT authentication is enabled (enable_jwt_auth: true), the OIDC userinfo cache uses token[:20] as the cache key. JWT headers produced by the same signing algorithm generate identical first 20 characters. This configuration option is not enabled by default. Most instances are not affected. An unauthenticated attacker can craft a token whose first 20 characters match a legitimate user's cached token. On cache hit, the attacker inherits the legitimate user's identity and permissions. This affects deployments with JWT/OIDC authentication enabled. Fixed in v1.83.0.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35030.json
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35030.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-35030
reference_id
reference_type
scores
0
value 0.00048
scoring_system epss
scoring_elements 0.15613
published_at 2026-06-12T12:55:00Z
1
value 0.00048
scoring_system epss
scoring_elements 0.15477
published_at 2026-06-11T12:55:00Z
2
value 0.00064
scoring_system epss
scoring_elements 0.2032
published_at 2026-06-14T12:55:00Z
3
value 0.00064
scoring_system epss
scoring_elements 0.20342
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-35030
2
reference_url https://github.com/BerriAI/litellm
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/BerriAI/litellm
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-35030
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-35030
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455509
reference_id 2455509
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455509
5
reference_url https://github.com/advisories/GHSA-jjhc-v7c2-5hh6
reference_id GHSA-jjhc-v7c2-5hh6
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jjhc-v7c2-5hh6
6
reference_url https://github.com/BerriAI/litellm/security/advisories/GHSA-jjhc-v7c2-5hh6
reference_id GHSA-jjhc-v7c2-5hh6
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
3
value CRITICAL
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-07T14:24:02Z/
url https://github.com/BerriAI/litellm/security/advisories/GHSA-jjhc-v7c2-5hh6
7
reference_url https://access.redhat.com/errata/RHSA-2026:13545
reference_id RHSA-2026:13545
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13545
fixed_packages
0
url pkg:pypi/litellm@1.83.0
purl pkg:pypi/litellm@1.83.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-126s-vxje-v7f7
1
vulnerability VCID-2jce-k6vw-kbe6
2
vulnerability VCID-cgnq-9qen-6uh6
3
vulnerability VCID-hc27-fp8v-jue9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/litellm@1.83.0
aliases CVE-2026-35030, GHSA-jjhc-v7c2-5hh6
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-362j-e9vs-73gg
1
url VCID-jw3v-fdn2-bugj
vulnerability_id VCID-jw3v-fdn2-bugj
summary LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.0, the /config/update endpoint does not enforce admin role authorization. A user who is already authenticated into the platform can then use this endpoint to modify proxy configuration and environment variables, register custom pass-through endpoint handlers pointing to attacker-controlled Python code, achieving remote code execution, read arbitrary server files by setting UI_LOGO_PATH and fetching via /get_image, and take over other privileged accounts by overwriting UI_USERNAME and UI_PASSWORD environment variables. Fixed in v1.83.0.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35029.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35029.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-35029
reference_id
reference_type
scores
0
value 0.1938
scoring_system epss
scoring_elements 0.95538
published_at 2026-06-12T12:55:00Z
1
value 0.1938
scoring_system epss
scoring_elements 0.95524
published_at 2026-06-11T12:55:00Z
2
value 0.21671
scoring_system epss
scoring_elements 0.95878
published_at 2026-06-14T12:55:00Z
3
value 0.21671
scoring_system epss
scoring_elements 0.95875
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-35029
2
reference_url http://seclists.org/fulldisclosure/2026/Apr/17
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2026/Apr/17
3
reference_url https://github.com/BerriAI/litellm
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/BerriAI/litellm
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-35029
reference_id
reference_type
scores
0
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-35029
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455474
reference_id 2455474
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455474
6
reference_url https://github.com/advisories/GHSA-53mr-6c8q-9789
reference_id GHSA-53mr-6c8q-9789
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-53mr-6c8q-9789
7
reference_url https://github.com/BerriAI/litellm/security/advisories/GHSA-53mr-6c8q-9789
reference_id GHSA-53mr-6c8q-9789
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-06T18:41:02Z/
url https://github.com/BerriAI/litellm/security/advisories/GHSA-53mr-6c8q-9789
8
reference_url https://access.redhat.com/errata/RHSA-2026:13545
reference_id RHSA-2026:13545
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13545
fixed_packages
0
url pkg:pypi/litellm@1.83.0
purl pkg:pypi/litellm@1.83.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-126s-vxje-v7f7
1
vulnerability VCID-2jce-k6vw-kbe6
2
vulnerability VCID-cgnq-9qen-6uh6
3
vulnerability VCID-hc27-fp8v-jue9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/litellm@1.83.0
aliases CVE-2026-35029, GHSA-53mr-6c8q-9789
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jw3v-fdn2-bugj
2
url VCID-tssn-kdqp-jbez
vulnerability_id VCID-tssn-kdqp-jbez
summary
LiteLLM: Password hash exposure and pass-the-hash authentication bypass
### Impact

Three issues combine into a full authentication bypass chain:

1. Weak hashing: User passwords are stored as unsalted SHA-256 hashes, making them vulnerable to rainbow table attacks and trivially identifying users with identical passwords.
2. Hash exposure: Multiple API endpoints (/user/info, /user/update, /spend/users) return the password hash field in responses to any authenticated user regardless of role. Plaintext passwords could also potentially be exposed in certain scenarios.
3. Pass-the-hash: The /v2/login endpoint accepts the raw SHA-256 hash as a valid password without re-hashing, allowing direct login with a stolen

An already authenticated user can retrieve another user's password hash from the API and use it to log in as that user. This enables full privilege escalation in three HTTP requests.

### Patches

Fixed in v1.83.0. Passwords are now hashed with scrypt (random 16-byte salt, n=16384, r=8, p=1). Password hashes are stripped from all API responses. Existing SHA-256 hashes are transparently migrated on next login.
references
0
reference_url https://github.com/BerriAI/litellm
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/BerriAI/litellm
1
reference_url https://github.com/BerriAI/litellm/security/advisories/GHSA-69x8-hrgq-fjj8
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/BerriAI/litellm/security/advisories/GHSA-69x8-hrgq-fjj8
2
reference_url https://github.com/advisories/GHSA-69x8-hrgq-fjj8
reference_id GHSA-69x8-hrgq-fjj8
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-69x8-hrgq-fjj8
fixed_packages
0
url pkg:pypi/litellm@1.83.0
purl pkg:pypi/litellm@1.83.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-126s-vxje-v7f7
1
vulnerability VCID-2jce-k6vw-kbe6
2
vulnerability VCID-cgnq-9qen-6uh6
3
vulnerability VCID-hc27-fp8v-jue9
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/litellm@1.83.0
aliases GHSA-69x8-hrgq-fjj8
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tssn-kdqp-jbez
Fixing_vulnerabilities
Risk_score 4.5
Resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/litellm@1.65.6