漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Denial of Service (DoS) in berriai/litellm
Vulnerability Description
A Denial of Service (DoS) vulnerability exists in berriai/litellm version v1.44.5. This vulnerability can be exploited by appending characters, such as dashes (-), to the end of a multipart boundary in an HTTP request. The server continuously processes each character, leading to excessive resource consumption and rendering the service unavailable. The issue is unauthenticated and does not require any user interaction, impacting all users of the service.
CVSS Information
N/A
Vulnerability Type
不加限制或调节的资源分配
Vulnerability Title
LiteLLM 资源管理错误漏洞
Vulnerability Description
LiteLLM是Berri AI开源的一个应用程序。可以使用 OpenAI 格式调用所有 LLM API。 LiteLLM v1.44.5版本存在资源管理错误漏洞,该漏洞源于未正确处理多部分边界,可能导致拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A