PyPi: Litellm

CVE-2024-10188

Safety vulnerability ID: 76299

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Mar 20, 2025 Updated at Apr 03, 2025

Scan your Python projects for vulnerabilities →

Advisory

A vulnerability in BerriAI/litellm, as of commit 26c03c9, allows unauthenticated users to cause a Denial of Service (DoS) by exploiting the use of ast.literal_eval to parse user input. This function is not safe and is prone to DoS attacks, which can crash the litellm Python server.

Affected package

litellm

Latest version: 1.65.3

Library to easily interface with LLM API providers

Affected versions

Fixed versions

Vulnerability changelog

This vulnerability has no description

Resources

https://github.com/advisories/GHSA-gw2q-qw9j-rgv7
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10188

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application