3 matches found
CVE-2024-4890
creationtimestamp| type| source ---|---|--- 2025-11-12 15:00:09+00:00| published-proof-of-concept| Telegram/TnTlInxxzNpt0OgbsDLOj6rIodSNCMGeXkGWTk3FIFq8dbI...
aiconsole (>=0.2.0 <=0.2.13), aiflows (>=0.1.5 <=1.1.1) +39 more potentially affected by CVE-2024-4890 via litellm (>=0.1.400 <=1.26.13)
litellm PYPI version =0.1.400, =0.2.0, =0.1.5, =0.1.0, =0.0.1, =0.114.0, =0.0.1, =0.6.3, =0.6.0, =0.2.0, =0.2.4, =0.1.11, =0.0.1, =0.0.25 and more Source cves: CVE-2024-4890 Source advisory: OSV:GHSA-8J42-PCFM-3467...
CVE-2024-4890 Blind SQL Injection in berriai/litellm
A blind SQL injection vulnerability exists in the berriai/litellm application, specifically within the '/team/update' process. The vulnerability arises due to the improper handling of the 'userid' parameter in the raw SQL query used for deleting users. An attacker can exploit this vulnerability b...