PT-2024-37739 · Unknown · Berriai/Litellm

Published: 2024-09-13 · Updated: 2025-03-14 · CVE-2024-6587

CVSS v4.0: 8.7 (High)

Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions: berriai/litellm version 1.38.10
Description: A Server-Side Request Forgery (SSRF) vulnerability exists in berriai/litellm 1.38.10. A client may supply the api_base parameter in a request to POST /chat/completions, and the application forwards the completion request to the origin named in api_base while still attaching the server-side OpenAI API key (sent as a bearer token in the Authorization header). A malicious user can therefore set api_base to a host they control, capture the OpenAI API key from the forwarded request, and use it to make unauthorized calls to the OpenAI API.
Recommendations: For version 1.38.10, as a temporary workaround, restrict access to the POST /chat/completions endpoint (for example, require authentication and limit it to trusted clients) or disable the ability for clients to specify the api_base parameter by ignoring or rejecting it server-side, until a patch is available. Do not honour a client-supplied api_base in the affected endpoint until the issue is resolved. At the time of writing, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

SSRF


Weakness Enumeration

Related Identifiers

CVE-2024-6587
GHSA-G26J-5385-HHW3

Affected Products

Berriai/Litellm