CVE-2024-6587 | berriai litellm up to 1.44.8 /chat/completions api_base server-side request forgery

Inserito da Angelo Barbosa | Set 13, 2024 | CVE

A vulnerability, which was classified as critical, was found in berriai litellm up to 1.44.8. This affects an unknown part of the file /chat/completions. The manipulation of the argument api_base leads to server-side request forgery.

This vulnerability is uniquely identified as CVE-2024-6587. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-6587 | berriai litellm up to 1.44.8 /chat/completions api_base server-side request forgery

Post correlati

CVE-2023-49396 | JFinalCMS 5.0.0 /admin/category/save cross-site request forgery

CVE-2024-36858 | Jan 0.4.12 File /v1/app/writeFileSync unrestricted upload

CVE-2024-30533 | Techeshta Layouts for Elementor Plugin up to 1.7 on WordPress unrestricted upload

CVE-2023-48245 | Rexroth Nexo Cordless Nutrunner up to V1500-SP2 HTTP Request authorization