Lucene search

CVE-2024-4888

🗓️ 06 Jun 2024 19:03:16Reported by @huntr_aiType

BerriAI's latest version vulnerability: arbitrary file deletion due to improper input validation on '/audio/transcriptions' endpoint. Allows unauthorized deletion of critical files

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
Vulnrichment	CVE-2024-4888 Arbitrary File Deletion in BerriAI/litellm	6 Jun 202418:31	–	vulnrichment
Veracode	Arbitrary File Deletion	11 Jun 202406:32	–	veracode
OSV	CVE-2024-4888	6 Jun 202419:16	–	osv
OSV	GHSA-3XR8-QFVJ-9P9J Arbitrary file deletion in litellm	6 Jun 202421:30	–	osv
NVD	CVE-2024-4888	6 Jun 202419:16	–	nvd
Cvelist	CVE-2024-4888 Arbitrary File Deletion in BerriAI/litellm	6 Jun 202418:31	–	cvelist
Github Security Blog	Arbitrary file deletion in litellm	6 Jun 202421:30	–	github

Nvd

Vulnrichment

Node

litellm litellmRange<1.35.19

[
  {
    "vendor": "berriai",
    "product": "berriai/litellm",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "versionType": "custom",
        "lessThanOrEqual": "latest"
      }
    ]
  }
]

Source	Link
huntr	www.huntr.com/bounties/48461d89-cf13-4ad3-a43e-0d37da08fc6c

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

06 Jun 2024 19:16Current

6.9Medium risk

Vulners AI Score6.9

CVSS36.5 - 8.1

EPSS0.00107

SSVC

CWE-862