Description
Vulnerable Library - litellm-1.49.0-py3-none-any.whl
Library to easily interface with LLM API providers
Library home page: https://files.pythonhosted.org/packages/5b/a1/dc04cfbd51a4680ee5b46bf24f9c3e1773a4602b3861e66113dd2dbf6672/litellm-1.49.0-py3-none-any.whl
Path to dependency file: /apps/ai-gateway/requirements.txt
Path to vulnerable library: /tmp/ws-ua_20251119015940_IZVAQU/python_MOZZFA/20251119015945/188/litellm-1.49.0-py3-none-any.whl
Found in HEAD commit: 43e25fc1ddf9ec3a7bac29606ad4bd4561f14de0
Vulnerabilities
| Vulnerability | Severity (CVSS 3) | Dependency | Type | Fixed in (litellm version) | Remediation Possible** |
|---|---|---|---|---|---|
| CVE-2024-6825 | 8.8 | litellm-1.49.0-py3-none-any.whl | Direct | N/A | ❌ |
| CVE-2025-0628 | 8.1 | litellm-1.49.0-py3-none-any.whl | Direct | 1.61.15 | ❌ |
| CVE-2025-0330 | 7.5 | litellm-1.49.0-py3-none-any.whl | Direct | 1.56.6 | ❌ |
| CVE-2024-8984 | 7.5 | litellm-1.49.0-py3-none-any.whl | Direct | 1.56.2 | ❌ |
| CVE-2024-10188 | 7.5 | litellm-1.49.0-py3-none-any.whl | Direct | 1.53.1 | ❌ |
| CVE-2025-45809 | 5.4 | litellm-1.49.0-py3-none-any.whl | Direct | N/A | ❌ |
| CVE-2024-4890 | 4.9 | litellm-1.49.0-py3-none-any.whl | Direct | 1.50.1 | ❌ |
**In some cases, a Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation.

The version named in each description below is the one the reporter tested against, not the full affected range; the "Fixed in" column is the scanner's remediation target. The highest listed fix version is 1.61.15, so upgrading to at least that release covers the five entries that have a fix. CVE-2024-6825 and CVE-2025-45809 carry no fix version in this report (the latter was reported against v1.65.4, later than any fix listed here), so they need to be tracked separately rather than assumed closed by the upgrade.
Details
CVE-2024-6825
Vulnerable Library - litellm-1.49.0-py3-none-any.whl
Library to easily interface with LLM API providers
Library home page: https://files.pythonhosted.org/packages/5b/a1/dc04cfbd51a4680ee5b46bf24f9c3e1773a4602b3861e66113dd2dbf6672/litellm-1.49.0-py3-none-any.whl
Path to dependency file: /apps/ai-gateway/requirements.txt
Path to vulnerable library: /tmp/ws-ua_20251119015940_IZVAQU/python_MOZZFA/20251119015945/188/litellm-1.49.0-py3-none-any.whl
Dependency Hierarchy:
- ❌ litellm-1.49.0-py3-none-any.whl (Vulnerable Library)
Found in HEAD commit: 43e25fc1ddf9ec3a7bac29606ad4bd4561f14de0
Found in base branch: main
Vulnerability Details
BerriAI/litellm version 1.40.12 contains a vulnerability that allows remote code execution. The issue exists in the handling of the 'post_call_rules' configuration, where a callback function can be added. The provided value is split at the final '.' mark, with the last part considered the function name and the remaining part appended with the '.py' extension and imported. This allows an attacker to set a system method, such as 'os.system', as a callback, enabling the execution of arbitrary commands when a chat response is processed.
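The following is an added example, not litellm's code, showing the resolver pattern the description above refers to next to a hardened form. The unsafe resolver splits a configured string on its last '.', imports what is left as a module and returns the named attribute, so a config value of `os.system` yields a shell-executing builtin. The hardened resolver restricts imports to an operator-maintained allowlist and only accepts plain Python functions defined in that module. The module `custom_rules`, its function `block_profanity` and the allowlist are constructed for this example.

```python
import importlib
import inspect
import sys
import types
from typing import Callable

# Constructed stand-in for an operator-supplied callback module (not litellm's code),
# registered in sys.modules so the example runs offline.
_custom = types.ModuleType("custom_rules")
exec(
    "def block_profanity(response: str) -> bool:\n"
    "    return 'damn' not in response.lower()\n",
    _custom.__dict__,
)
sys.modules["custom_rules"] = _custom


def resolve_callback_unsafe(value: str) -> Callable:
    """The pattern the advisory describes: split on the last '.', import
    whatever is left as a module, hand back the named attribute. No allowlist,
    so 'os.system' resolves to a callable that runs a shell command."""
    module_name, _, attr = value.rpartition(".")
    module = importlib.import_module(module_name)
    return getattr(module, attr)


# Assumption: operators list the modules that may provide callbacks.
ALLOWED_CALLBACK_MODULES = frozenset({"custom_rules"})


def resolve_callback_safe(value: str) -> Callable:
    """Hardened resolver: the module must be allowlisted and the target must be
    a plain Python function defined in that module, which excludes builtins
    such as os.system and aliases re-exported from elsewhere."""
    module_name, dot, attr = value.rpartition(".")
    if not dot or not module_name or not attr.isidentifier():
        raise ValueError(f"malformed callback reference: {value!r}")
    if module_name not in ALLOWED_CALLBACK_MODULES:
        raise ValueError(f"module {module_name!r} is not an allowed callback module")
    module = importlib.import_module(module_name)
    fn = getattr(module, attr, None)
    if not inspect.isfunction(fn) or fn.__module__ != module_name:
        raise ValueError(f"{value!r} is not a function defined in {module_name!r}")
    return fn


def is_rejected(value: str) -> bool:
    """True when the hardened resolver refuses the reference."""
    try:
        resolve_callback_safe(value)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print(resolve_callback_unsafe("os.system"))                       # a builtin, callable
    print(resolve_callback_safe("custom_rules.block_profanity")("hi"))  # True
    print(is_rejected("os.system"), is_rejected("custom_rules.__builtins__"))  # True True
```

The `fn.__module__` check matters because an allowlisted module can still `import os` and thereby expose `os.system` as an attribute; requiring the function to be defined in the allowlisted module closes that path.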
Publish Date: 2025-03-20
URL: CVE-2024-6825
CVSS 3 Score Details (8.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
Step up your Open Source Security Game with Mend here
CVE-2025-0628
Vulnerable Library - litellm-1.49.0-py3-none-any.whl
Library to easily interface with LLM API providers
Library home page: https://files.pythonhosted.org/packages/5b/a1/dc04cfbd51a4680ee5b46bf24f9c3e1773a4602b3861e66113dd2dbf6672/litellm-1.49.0-py3-none-any.whl
Path to dependency file: /apps/ai-gateway/requirements.txt
Path to vulnerable library: /tmp/ws-ua_20251119015940_IZVAQU/python_MOZZFA/20251119015945/188/litellm-1.49.0-py3-none-any.whl
Dependency Hierarchy:
- ❌ litellm-1.49.0-py3-none-any.whl (Vulnerable Library)
Found in HEAD commit: 43e25fc1ddf9ec3a7bac29606ad4bd4561f14de0
Found in base branch: main
Vulnerability Details
An improper authorization vulnerability exists in the main-latest version of BerriAI/litellm. When a user with the role 'internal_user_viewer' logs into the application, they are provided with an overly privileged API key. This key can be used to access all the admin functionality of the application, including endpoints such as '/users/list' and '/users/get_users'. This vulnerability allows for privilege escalation within the application, enabling any account to become a PROXY ADMIN.
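As an added example (not litellm's code), the two halves of the fix for a bug of this shape: scopes must be derived from the role at key issuance, and every admin endpoint must check the scope on the presented key. The role names, scope names and endpoint-to-scope table below are assumed for illustration; `issue_key_unsafe` reproduces the failure described above, where the key handed out at login carries admin scopes regardless of who logged in.

```python
import hashlib
import secrets
from dataclasses import dataclass

# Illustrative role and scope names (assumed, not litellm's own role model).
ROLE_SCOPES = {
    "proxy_admin": frozenset({"users:read", "users:write", "keys:write", "chat"}),
    "internal_user_viewer": frozenset({"spend:read_own", "chat"}),
}
# Every routed endpoint names the scope it requires; unknown endpoints are denied.
ENDPOINT_SCOPE = {
    "/users/list": "users:read",
    "/users/get_users": "users:read",
    "/key/generate": "keys:write",
    "/chat/completions": "chat",
}


@dataclass(frozen=True)
class IssuedKey:
    role: str
    scopes: frozenset


_KEY_STORE: dict[str, IssuedKey] = {}  # sha256(token) -> key record


def _fingerprint(token: str) -> str:
    """Store only a hash so a database read does not yield usable keys."""
    return hashlib.sha256(token.encode()).hexdigest()


def issue_key_unsafe(role: str) -> str:
    """The failure the advisory describes: the session key handed out at login
    carries admin scopes no matter which role logged in."""
    token = "sk-" + secrets.token_urlsafe(24)
    _KEY_STORE[_fingerprint(token)] = IssuedKey(role, ROLE_SCOPES["proxy_admin"])
    return token


def issue_key(role: str) -> str:
    """Least privilege: scopes derive from the role; unknown roles get no key."""
    if role not in ROLE_SCOPES:
        raise ValueError(f"unknown role {role!r}")
    token = "sk-" + secrets.token_urlsafe(24)
    _KEY_STORE[_fingerprint(token)] = IssuedKey(role, ROLE_SCOPES[role])
    return token


def authorize(token: str, endpoint: str) -> bool:
    """Endpoint guard: unknown key, unknown endpoint or missing scope all deny."""
    key = _KEY_STORE.get(_fingerprint(token))
    needed = ENDPOINT_SCOPE.get(endpoint)
    return key is not None and needed is not None and needed in key.scopes


def can_reach_admin_endpoints(token: str) -> bool:
    """The check a reviewer would run against a viewer's key."""
    return any(authorize(token, ep) for ep in ("/users/list", "/users/get_users"))


if __name__ == "__main__":
    viewer = issue_key("internal_user_viewer")
    print(can_reach_admin_endpoints(viewer))                  # False
    print(can_reach_admin_endpoints(issue_key_unsafe("internal_user_viewer")))  # True
```

The regression test to keep is the last two lines: log in as the lowest role, then assert the resulting key cannot call any endpoint mapped to an admin scope.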
Publish Date: 2025-03-20
URL: CVE-2025-0628
CVSS 3 Score Details (8.1)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: None
Suggested Fix
Type: Upgrade version
Origin: https://huntr.com/bounties/6c0e2f75-2d03-42f9-9530-e16a973317fc
Release Date: 2025-03-20
Fix Resolution: 1.61.15
CVE-2025-0330
Vulnerable Library - litellm-1.49.0-py3-none-any.whl
Library to easily interface with LLM API providers
Library home page: https://files.pythonhosted.org/packages/5b/a1/dc04cfbd51a4680ee5b46bf24f9c3e1773a4602b3861e66113dd2dbf6672/litellm-1.49.0-py3-none-any.whl
Path to dependency file: /apps/ai-gateway/requirements.txt
Path to vulnerable library: /tmp/ws-ua_20251119015940_IZVAQU/python_MOZZFA/20251119015945/188/litellm-1.49.0-py3-none-any.whl
Dependency Hierarchy:
- ❌ litellm-1.49.0-py3-none-any.whl (Vulnerable Library)
Found in HEAD commit: 43e25fc1ddf9ec3a7bac29606ad4bd4561f14de0
Found in base branch: main
Vulnerability Details
In berriai/litellm version v1.52.1, an issue in proxy_server.py causes the leakage of Langfuse API keys when an error occurs while parsing team settings. This vulnerability exposes sensitive information, including langfuse_secret and langfuse_public_key, which can provide full access to the Langfuse project storing all requests.
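As an added example (not litellm's code), a settings parser whose error path echoes the whole settings object, beside one that reports only the failing field and a redacted view. The settings dict, its placeholder Langfuse values and the key-name pattern used for redaction are constructed for this example; the point is that the redaction runs on the error path, which is where leaks of this kind live.

```python
import re
from typing import Any, Callable

# Key names whose values must never reach an error message or log line (assumed pattern).
SENSITIVE_KEY = re.compile(r"(secret|key|token|password)", re.IGNORECASE)


def redact(obj: Any) -> Any:
    """Recursively replace values under secret-looking keys; leaves structure intact
    so the message is still useful for debugging."""
    if isinstance(obj, dict):
        return {
            k: ("[REDACTED]" if SENSITIVE_KEY.search(str(k)) else redact(v))
            for k, v in obj.items()
        }
    if isinstance(obj, list):
        return [redact(v) for v in obj]
    return obj


def parse_team_settings_unsafe(settings: dict) -> list:
    """The leak pattern: the raw settings object is interpolated into the error."""
    try:
        return list(settings["success_callback"])
    except (KeyError, TypeError) as exc:
        raise ValueError(f"could not parse team settings: {settings}") from exc


def parse_team_settings(settings: dict) -> list:
    """Same logic; the error names the failure and carries a redacted view only."""
    try:
        return list(settings["success_callback"])
    except (KeyError, TypeError) as exc:
        raise ValueError(
            f"could not parse team settings ({exc.__class__.__name__}: {exc}); "
            f"settings={redact(settings)}"
        ) from exc


def error_text(parser: Callable[[dict], list], settings: dict) -> str:
    """What a client would see in the HTTP error body for a given parser."""
    try:
        parser(settings)
    except ValueError as exc:
        return str(exc)
    return ""


# Constructed sample: placeholder Langfuse credentials, not real ones.
SAMPLE_SETTINGS = {
    "langfuse_public_key": "pk-lf-EXAMPLE-PUBLIC",
    "langfuse_secret": "sk-lf-EXAMPLE-SECRET",
    "success_callback": None,  # malformed on purpose: triggers the error path
}

if __name__ == "__main__":
    print(error_text(parse_team_settings_unsafe, SAMPLE_SETTINGS))  # leaks both keys
    print(error_text(parse_team_settings, SAMPLE_SETTINGS))         # [REDACTED]
```

A grep of the test output for the placeholder values is the check to automate: any credential-shaped string in an error body is a finding, whatever the endpoint.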
Publish Date: 2025-03-20
URL: CVE-2025-0330
CVSS 3 Score Details (7.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: None
- Availability Impact: None
Suggested Fix
Type: Upgrade version
Release Date: 2025-03-20
Fix Resolution: 1.56.6
CVE-2024-8984
Vulnerable Library - litellm-1.49.0-py3-none-any.whl
Library to easily interface with LLM API providers
Library home page: https://files.pythonhosted.org/packages/5b/a1/dc04cfbd51a4680ee5b46bf24f9c3e1773a4602b3861e66113dd2dbf6672/litellm-1.49.0-py3-none-any.whl
Path to dependency file: /apps/ai-gateway/requirements.txt
Path to vulnerable library: /tmp/ws-ua_20251119015940_IZVAQU/python_MOZZFA/20251119015945/188/litellm-1.49.0-py3-none-any.whl
Dependency Hierarchy:
- ❌ litellm-1.49.0-py3-none-any.whl (Vulnerable Library)
Found in HEAD commit: 43e25fc1ddf9ec3a7bac29606ad4bd4561f14de0
Found in base branch: main
Vulnerability Details
A Denial of Service (DoS) vulnerability exists in berriai/litellm version v1.44.5. This vulnerability can be exploited by appending characters, such as dashes (-), to the end of a multipart boundary in an HTTP request. The server continuously processes each character, leading to excessive resource consumption and rendering the service unavailable. The issue is unauthenticated and does not require any user interaction, impacting all users of the service.
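As an added example (not litellm's code, and not the upstream fix), a pre-check that bounds the work a multipart parser can be made to do: RFC 2046 limits a boundary to 1 to 70 characters from a fixed character set, not ending in a space, so a Content-Type header whose boundary is thousands of dashes can be rejected before any body bytes are read. The minimal Content-Type parser below is written for this example.

```python
import re

# RFC 2046 section 5.1.1: 0-69 bchars followed by one bcharsnospace (so 1-70 chars,
# no trailing space). Allowed characters: DIGIT ALPHA ' ( ) + _ , - . / : = ? and space.
BOUNDARY_RE = re.compile(r"[0-9A-Za-z'()+_,\-./:=? ]{0,69}[0-9A-Za-z'()+_,\-./:=?]")


def parse_content_type(value: str) -> tuple[str, dict[str, str]]:
    """Minimal Content-Type parser (example only): media type plus ;-separated
    parameters, surrounding quotes stripped from parameter values."""
    parts = [p.strip() for p in value.split(";")]
    media = parts[0].lower()
    params: dict[str, str] = {}
    for p in parts[1:]:
        if "=" in p:
            k, v = p.split("=", 1)
            params[k.strip().lower()] = v.strip().strip('"')
    return media, params


def validate_multipart_boundary(content_type: str) -> str:
    """Return the boundary if the header is a well-formed multipart/form-data
    Content-Type with an RFC-conformant boundary; raise ValueError otherwise."""
    media, params = parse_content_type(content_type)
    if media != "multipart/form-data":
        raise ValueError(f"not multipart/form-data: {media!r}")
    boundary = params.get("boundary")
    if boundary is None:
        raise ValueError("missing boundary parameter")
    if not BOUNDARY_RE.fullmatch(boundary):
        raise ValueError(f"invalid boundary (length {len(boundary)})")
    return boundary


def is_acceptable_multipart(content_type: str) -> bool:
    """Gate to run before handing the request body to the multipart parser."""
    try:
        validate_multipart_boundary(content_type)
    except ValueError:
        return False
    return True


if __name__ == "__main__":
    print(is_acceptable_multipart("multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW"))  # True
    print(is_acceptable_multipart("multipart/form-data; boundary=" + "-" * 5000))  # False
```

Rejecting at the header stage also means the 400 response costs the server nothing proportional to the attacker's input, which is the property a DoS fix needs.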
Publish Date: 2025-03-20
URL: CVE-2024-8984
CVSS 3 Score Details (7.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: GHSA-fh2c-86xm-pm2x
Release Date: 2025-03-20
Fix Resolution: 1.56.2
CVE-2024-10188
Vulnerable Library - litellm-1.49.0-py3-none-any.whl
Library to easily interface with LLM API providers
Library home page: https://files.pythonhosted.org/packages/5b/a1/dc04cfbd51a4680ee5b46bf24f9c3e1773a4602b3861e66113dd2dbf6672/litellm-1.49.0-py3-none-any.whl
Path to dependency file: /apps/ai-gateway/requirements.txt
Path to vulnerable library: /tmp/ws-ua_20251119015940_IZVAQU/python_MOZZFA/20251119015945/188/litellm-1.49.0-py3-none-any.whl
Dependency Hierarchy:
- ❌ litellm-1.49.0-py3-none-any.whl (Vulnerable Library)
Found in HEAD commit: 43e25fc1ddf9ec3a7bac29606ad4bd4561f14de0
Found in base branch: main
Vulnerability Details
A vulnerability in BerriAI/litellm, as of commit 26c03c9, allows unauthenticated users to cause a Denial of Service (DoS) by exploiting the use of ast.literal_eval to parse user input. This function is not safe and is prone to DoS attacks, which can crash the litellm Python server.
Publish Date: 2025-03-20
URL: CVE-2024-10188
CVSS 3 Score Details (7.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://huntr.com/bounties/96a32812-213c-4819-ba4e-36143d35e95b
Release Date: 2025-03-20
Fix Resolution: 1.53.1
CVE-2025-45809
Vulnerable Library - litellm-1.49.0-py3-none-any.whl
Library to easily interface with LLM API providers
Library home page: https://files.pythonhosted.org/packages/5b/a1/dc04cfbd51a4680ee5b46bf24f9c3e1773a4602b3861e66113dd2dbf6672/litellm-1.49.0-py3-none-any.whl
Path to dependency file: /apps/ai-gateway/requirements.txt
Path to vulnerable library: /tmp/ws-ua_20251119015940_IZVAQU/python_MOZZFA/20251119015945/188/litellm-1.49.0-py3-none-any.whl
Dependency Hierarchy:
- ❌ litellm-1.49.0-py3-none-any.whl (Vulnerable Library)
Found in HEAD commit: 43e25fc1ddf9ec3a7bac29606ad4bd4561f14de0
Found in base branch: main
Vulnerability Details
BerriAI litellm v1.65.4 was discovered to contain a SQL injection vulnerability via the /key/block endpoint.
Publish Date: 2025-07-03
URL: CVE-2025-45809
CVSS 3 Score Details (5.4)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: Low
- Availability Impact: None
CVE-2024-4890
Vulnerable Library - litellm-1.49.0-py3-none-any.whl
Library to easily interface with LLM API providers
Library home page: https://files.pythonhosted.org/packages/5b/a1/dc04cfbd51a4680ee5b46bf24f9c3e1773a4602b3861e66113dd2dbf6672/litellm-1.49.0-py3-none-any.whl
Path to dependency file: /apps/ai-gateway/requirements.txt
Path to vulnerable library: /tmp/ws-ua_20251119015940_IZVAQU/python_MOZZFA/20251119015945/188/litellm-1.49.0-py3-none-any.whl
Dependency Hierarchy:
- ❌ litellm-1.49.0-py3-none-any.whl (Vulnerable Library)
Found in HEAD commit: 43e25fc1ddf9ec3a7bac29606ad4bd4561f14de0
Found in base branch: main
Vulnerability Details
A blind SQL injection vulnerability exists in the berriai/litellm application, specifically within the '/team/update' process. The vulnerability arises due to the improper handling of the 'user_id' parameter in the raw SQL query used for deleting users. An attacker can exploit this vulnerability by injecting malicious SQL commands through the 'user_id' parameter, leading to potential unauthorized access to sensitive information such as API keys, user information, and tokens stored in the database. The affected version is 1.27.14.
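As an added example (not litellm's code), the deletion pattern described above in a string-built form beside a parameterized one, run against an in-memory SQLite table constructed for this example. The injected `user_id` turns the string-built `DELETE` into one whose `WHERE` clause is always true, which is exactly the kind of boolean control a blind injection exploits; the parameterized version treats the same value as an opaque string and matches nothing.

```python
import sqlite3


def setup_db() -> sqlite3.Connection:
    """Constructed sample table: three team memberships across two teams."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE team_members (team_id TEXT NOT NULL, user_id TEXT NOT NULL);
        INSERT INTO team_members VALUES ('t1', 'u1'), ('t1', 'u2'), ('t2', 'u3');
        """
    )
    return conn


def remove_member_unsafe(conn: sqlite3.Connection, team_id: str, user_id: str) -> int:
    """The vulnerable pattern: user-controlled values interpolated into raw SQL.
    user_id = "x' OR '1'='1" rewrites the WHERE clause and deletes every row."""
    sql = f"DELETE FROM team_members WHERE team_id = '{team_id}' AND user_id = '{user_id}'"
    cur = conn.execute(sql)
    conn.commit()
    return cur.rowcount


def remove_member(conn: sqlite3.Connection, team_id: str, user_id: str) -> int:
    """Parameterized form: the driver binds values; SQL structure is fixed at
    compile time, so the same payload is just a user_id that does not exist."""
    cur = conn.execute(
        "DELETE FROM team_members WHERE team_id = ? AND user_id = ?",
        (team_id, user_id),
    )
    conn.commit()
    return cur.rowcount


def count_members(conn: sqlite3.Connection) -> int:
    return conn.execute("SELECT COUNT(*) FROM team_members").fetchone()[0]


PAYLOAD = "x' OR '1'='1"   # constructed injection string

if __name__ == "__main__":
    db = setup_db()
    print(remove_member(db, "t1", PAYLOAD), count_members(db))         # 0 3
    print(remove_member_unsafe(db, "t1", PAYLOAD), count_members(db))  # 3 0
```

The observable difference in `rowcount` (or, for a blind variant, in response timing or error behaviour) is what an attacker iterates on; parameterization removes the channel rather than filtering characters.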
Publish Date: 2024-06-06
URL: CVE-2024-4890
CVSS 3 Score Details (4.9)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: High
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: None
- Availability Impact: None
Suggested Fix
Type: Upgrade version
Origin: https://huntr.com/bounties/a4f6d357-5b44-4e00-9cac-f1cc351211d2
Release Date: 2024-06-06
Fix Resolution: 1.50.1