CVE-2024-4889 | berriai litellm eval UI_LOGO_PATH code injection

Posted by Angelo Barbosa | Jun 6, 2024 | CVE

A vulnerability was found in berriai litellm. It has been declared as critical. This vulnerability affects the function eval. The manipulation of the argument UI_LOGO_PATH leads to code injection.

This vulnerability was named CVE-2024-4889. The attack can be initiated remotely. There is no exploit available.

CVE-2024-4889 | berriai litellm eval UI_LOGO_PATH code injection

Related Posts

CVE-2024-22956 | SWFTools 0.9.2 swftools/src/swfc.c removeFromTo use after free (Issue 208)

CVE-2024-2782 | Fluent Contact Form Plugin up to 5.1.16 on WordPress Setting authorization

CVE-2024-26895 | Linux Kernel up to 6.8.1 wilc1000 wilc_netdev_cleanup use after free

CVE-2023-51558 | Foxit PDF Reader AcroForm Doc out-of-bounds (ZDI-23-1871)