CVE-2024-2952

Опубликовано: 10 апр. 2024

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

BerriAI/litellm is vulnerable to Server-Side Template Injection (SSTI) via the /completions endpoint. The vulnerability arises from the hf_chat_template method processing the chat_template parameter from the tokenizer_config.json file through the Jinja template engine without proper sanitization. Attackers can exploit this by crafting malicious tokenizer_config.json files that execute arbitrary code on the server.

Ссылки

https://github.com/berriai/litellm/commit/8a1cdc901708b07b7ff4eca20f9cb0f1f0e8d0b3
Patch
https://huntr.com/bounties/a9e0a164-6de0-43a4-a640-0cbfb54220a4
Exploit
Third Party Advisory
https://github.com/berriai/litellm/commit/8a1cdc901708b07b7ff4eca20f9cb0f1f0e8d0b3
Patch
https://huntr.com/bounties/a9e0a164-6de0-43a4-a640-0cbfb54220a4
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:litellm:litellm:*:*:*:*:*:*:*:*

Версия до 1.34.42 (исключая)

EPSS

Процентиль: 80%

0.0145

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-76

Связанные уязвимости

GHSA-46cm-pfwv-cgf8