PT-2025-12256 · Unknown · Berriai/Litellm

CVE-2024-8984

·

Published

2025-03-20

·

Updated

2026-07-07

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions berriai/litellm version v1.44.5
Description A Denial of Service (DoS) vulnerability exists. This vulnerability can be exploited by appending characters, such as dashes (-), to the end of a multipart boundary in an HTTP request. The server continuously processes each character, leading to excessive resource consumption and rendering the service unavailable. The issue is unauthenticated and does not require any user interaction, impacting all users of the service.
Recommendations For berriai/litellm version v1.44.5, ensure that input validation is implemented to properly handle multipart boundary strings and prevent the addition of extraneous characters.

Exploit

Fix

DoS

Resource Exhaustion

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2024-8984
GHSA-FH2C-86XM-PM2X
PYSEC-2026-1545

Affected Products

Berriai/Litellm