berriai/litellm Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in berriai/litellm version v1.44.5. This issue can be exploited by appending characters, such as dashes, to the end of a multipart boundary in an HTTP request. The server processes each character individually, leading to excessive resource consumption and causing the service to become unavailable. This vulnerability is unauthenticated, does not require user interaction, and affects all users of the service.

Impact

Exploitation of this vulnerability leads to excessive resource consumption, causing the service to become unavailable.
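A pre-parse guard for the boundary handling described under Vulnerability, as an added example that is not code from litellm or from this advisory. The advisory does not say whether the extra characters sit in the Content-Type boundary parameter or after the closing delimiter in the body, so the sketch goes beyond the text and checks both. The name check_multipart, the 1 MiB cap, the strict epilogue policy and the sample requests are assumptions of this example.

```python
import re
from email.message import Message

# RFC 2046 section 5.1.1: 1-70 characters from "bchars", not ending in a space.
BOUNDARY_RE = re.compile(r"[0-9A-Za-z'()+_,\-./:=? ]{0,69}[0-9A-Za-z'()+_,\-./:=?]")
MAX_BODY = 1 << 20                  # assumed 1 MiB cap; tune per deployment
ALLOWED_EPILOGUE = (b"", b"\r\n")   # assumed policy: nothing but CRLF after the end


def check_multipart(content_type: str, body: bytes) -> str:
    """Return "ok", or the reason to answer HTTP 400 before the parser runs."""
    msg = Message()
    msg["Content-Type"] = content_type
    if msg.get_content_maintype() != "multipart":
        return "ok"  # not multipart, nothing to check here
    boundary = msg.get_boundary()
    if boundary is None or not BOUNDARY_RE.fullmatch(boundary):
        return "invalid boundary parameter"
    if len(body) > MAX_BODY:
        return "body too large"
    # The closing delimiter is "--" + boundary + "--"; bytes after it are epilogue.
    closing = b"--" + boundary.encode("ascii") + b"--"
    end = body.find(closing)
    if end == -1:
        return "missing closing delimiter"
    if body[end + len(closing):] not in ALLOWED_EPILOGUE:
        return "unexpected data after closing delimiter"
    return "ok"


# Constructed sample requests (not captured traffic).
GOOD_TYPE = "multipart/form-data; boundary=xyz"
GOOD_BODY = b'--xyz\r\nContent-Disposition: form-data; name="f"\r\n\r\nv\r\n--xyz--\r\n'
PADDED_TYPE = GOOD_TYPE + "-" * 200          # dashes appended to the parameter
PADDED_BODY = GOOD_BODY[:-2] + b"-" * 1000   # dashes appended after the closing delimiter

if __name__ == "__main__":
    for ctype, body in [(GOOD_TYPE, GOOD_BODY), (PADDED_TYPE, GOOD_BODY),
                        (GOOD_TYPE, PADDED_BODY)]:
        print(check_multipart(ctype, body))
```

The guard rejects the request before the multipart parser sees it; it does not change the parser itself.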

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 7.4
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.