3 matches found
GHSA-H6M6-JJ8V-94JJ SQL injection in litellm
An SQL Injection vulnerability exists in the berriai/litellm repository, specifically within the /global/spend/logs endpoint. The vulnerability arises due to improper neutralization of special elements used in an SQL command. The affected code constructs an SQL query by concatenating an unvalidat...
CVE-2024-5225 SQL Injection in berriai/litellm
An SQL Injection vulnerability exists in the berriai/litellm repository, specifically within the /global/spend/logs endpoint. The vulnerability arises due to improper neutralization of special elements used in an SQL command. The affected code constructs an SQL query by concatenating an unvalidat...
CVE-2024-5225
The CVE-2024-5225 issue affects litellm (LiteLLM) / berriai/litellm, specifically the /global/spend/logs endpoint, where the code builds an SQL query by directly concatenating an unvalidated api_key parameter. This SQL Injection vulnerability can lead to unauthorized access, data manipulation, ex...