CVE-2024-2952
Last modified
CVE-2024-2952 is a vulnerability of currently unknown severity. BerriAI/litellm is vulnerable to Server-Side Template Injection (SSTI) via the `/completions` endpoint. The vulnerability arises from the `hf_chat_template` method processing the `chat_template` parameter from the `tokenizer_config.json` file through the Jinja template engine without proper sanitization. EPSS estimates a 1.26% chance of exploitation in the next 30 days.
Description
BerriAI/litellm is vulnerable to Server-Side Template Injection (SSTI) via the `/completions` endpoint. The vulnerability arises from the `hf_chat_template` method processing the `chat_template` parameter from the `tokenizer_config.json` file through the Jinja template engine without proper sanitization. Attackers can exploit this by crafting malicious `tokenizer_config.json` files that execute arbitrary code on the server.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Litellm | Litellm | < 1.34.42 |
References
- https://huntr.com/bounties/a9e0a164-6de0-43a4-a640-0cbfb54220a4Exploit, Third Party Advisory
- https://huntr.com/bounties/a9e0a164-6de0-43a4-a640-0cbfb54220a4Exploit, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2024-2952?
How severe is CVE-2024-2952?
How do I fix CVE-2024-2952?
Are you affected by CVE-2024-2952?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST