CVE-2024-2952 | berriai litellm Jinja Template tokenizer_config.json hf_chat_template equivalent special elements

Inserito da Angelo Barbosa | Apr 10, 2024 | CVE

A vulnerability was found in berriai litellm. It has been declared as critical. Affected by this vulnerability is the function hf_chat_template of the file tokenizer_config.json of the component Jinja Template Handler. The manipulation of the argument chat_template leads to improper neutralization of equivalent special elements.

This vulnerability is known as CVE-2024-2952. The attack can be launched remotely. There is no exploit available.

CVE-2024-2952 | berriai litellm Jinja Template tokenizer_config.json hf_chat_template equivalent special elements

Post correlati

CVE-2021-47044 | Linux Kernel up to 5.10.36/5.11.20/5.12.3 sched load_balance out-of-bounds

CVE-2024-9024 | Material Design Icons Plugin up to 0.0.5 on WordPress Shortcode mdi-icon cross site scripting

CVE-2024-1969 | Secomea GateManager prior 11.2.624095033 buffer overflow

CVE-2024-7353 | Accept Stripe Payments Plugin up to 2.0.86 on WordPress Shortcode accept_stripe_payment_ng cross site scripting