Vulnerabilities > Litellm > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-13 | CVE-2024-6587 | Server-Side Request Forgery (SSRF) vulnerability in Litellm 1.38.10 A Server-Side Request Forgery (SSRF) vulnerability exists in berriai/litellm version 1.38.10. | 7.5 |
| 2024-06-06 | CVE-2024-4888 | Unspecified vulnerability in Litellm BerriAI's litellm, in its latest version, is vulnerable to arbitrary file deletion due to improper input validation on the `/audio/transcriptions` endpoint. | 8.1 |
| 2024-06-06 | CVE-2024-5225 | Unspecified vulnerability in Litellm An SQL Injection vulnerability exists in the berriai/litellm repository, specifically within the `/global/spend/logs` endpoint. | 7.2 |
| 2024-06-06 | CVE-2024-4889 | Unspecified vulnerability in Litellm A code injection vulnerability exists in the berriai/litellm application, version 1.34.6, due to the use of unvalidated input in the eval function within the secret management system. | 7.2 |