CVE-2024-10188
HIGH7.5EPSS 0.27%LiteLLM Vulnerable to Denial of Service (DoS)
發布日:2025/3/20修改日:2025/3/20
描述
A vulnerability in BerriAI/litellm, as of commit 26c03c9, allows unauthenticated users to cause a Denial of Service (DoS) by exploiting the use of ast.literal_eval to parse user input. This function is not safe and is prone to DoS attacks, which can crash the litellm Python server.
受影響套件(1)
- PyPI/litellmfrom 0, < 1.53.1.dev1
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.5 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |