2 matches found
Insertion of Sensitive Information into Externally-Accessible File or Directory
Overview litellm is a Library to easily interface with LLM API providers Affected versions of this package are vulnerable to Insertion of Sensitive Information into Externally-Accessible File or Directory due to incomplete masking of OCI secret fields in responses from the /models and /v1/models...
Insertion of Sensitive Information into Log File
Overview litellm is a Library to easily interface with LLM API providers Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the getredirectresponsefromopenid and forwardupstreamtoclient functions. An attacker can obtain sensitive authenticatio...