CVE-2025-0330
Exposure of Sensitive Information in berriai/litellm
In berriai/litellm version v1.52.1, an issue in proxy_server.py causes the leakage of Langfuse API keys when an error occurs while parsing team settings. This vulnerability exposes sensitive information, including langfuse_secret and langfuse_public_key, which can provide full access to the Langfuse project storing all requests.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected products
berriai · berriai/litellmWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →