CVE-2024-10188
published 2025-03-20


Priority: P3, 39
Severity: high, 7.5 (CVSS 3.0)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS: 0.53% (40.5th percentile)

A vulnerability in BerriAI/litellm, as of commit 26c03c9, allows unauthenticated users to cause a Denial of Service (DoS) by exploiting the use of ast.literal_eval to parse user input. This function is not safe and is prone to DoS attacks, which can crash the litellm Python server.

Affected

2 ranges

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| berriai | berriai_litellm | >= unspecified < 1.53.1 | 1.53.1 |
| litellm | litellm | >= 0 < 1.53.1.dev1 | 1.53.1.dev1 |