Heads up: LiteLLM, a very popular AI model wrapper, has been compromised.
-
Heads up: LiteLLM, a very popular AI model wrapper, has been compromised. See the attached issue for details and recommended actions.
-
R relay@relay.infosec.exchange shared this topic
-
Heads up: LiteLLM, a very popular AI model wrapper, has been compromised. See the attached issue for details and recommended actions.
No kidding, this package is in a lot more places than you might expect. PyPi has removed the package, but versions
1.82.7and1.82.8are affected. Search for them in your environment now. -
No kidding, this package is in a lot more places than you might expect. PyPi has removed the package, but versions
1.82.7and1.82.8are affected. Search for them in your environment now.@mttaggart when you check your cluster and the container was on 1.82.6 . that was a close one.
-
@mttaggart when you check your cluster and the container was on 1.82.6 . that was a close one.
@varx @mttaggart official containers are thought to be unaffected (as of 16:03UTC )
-
@varx @mttaggart official containers are thought to be unaffected (as of 16:03UTC )
@RichardoC @varx Yes, based on pinning to earlier versions, per this comment:
https://github.com/BerriAI/litellm/issues/24518#issuecomment-4119145829
