CVE-2024-9606 in litellminformation

Résumé

par MITRE • 20/03/2025

In berriai/litellm before version 1.44.12, the `litellm/litellm_core_utils/litellm_logging.py` file contains a vulnerability where the API key masking code only masks the first 5 characters of the key. This results in the leakage of almost the entire API key in the logs, exposing a significant amount of the secret key. The issue affects version v1.44.9.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Responsable

@huntr Ai

Réserver

07/10/2024

Divulgation

20/03/2025

Modérer

accepté

Entrée

VDB-300419

CPE

prêt

EPSS

0.00708

KEV

non

Activités

très faible

Sources

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!