FixVibe
Covered by FixVibe | Severity: critical

LiteLLM Proxy SQL injection (CVE-2026-42208)

A critical SQL injection vulnerability (CVE-2026-42208) in the LiteLLM proxy lets attackers bypass authentication or read sensitive data from the database by abusing the API-key verification routine.

CVE-2026-42208 · GHSA-r75f-5x8p-qvmc · CWE-89

Impact

LiteLLM versions 1.81.16 up to (but not including) 1.83.7 contain a critical SQL injection vulnerability in the proxy's API-key verification routine [S1]. Successful exploitation lets an unauthenticated attacker bypass security controls or perform unauthorized database operations [S1]. The vulnerability carries a CVSS score of 9.8, reflecting its severe impact on the confidentiality and integrity of the affected system [S2].

Root cause

The flaw exists because the LiteLLM proxy does not properly sanitize or parameterize the API key supplied in the Authorization header before using it in database queries [S1]. Malicious SQL embedded in that header can therefore be executed by the backend database [S3].
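To make the root cause concrete, the following added example shows the CWE-89 pattern described above next to its parameterized fix. It is illustrative code written for this page, not LiteLLM's own key-lookup code: the table name, column names, stored key, and the tautology payload are all assumptions chosen to demonstrate the class of bug, and an in-memory SQLite database stands in for the proxy's real backend.

```python
import sqlite3
from typing import Callable, Optional


def build_db() -> sqlite3.Connection:
    """Constructed in-memory key store. Schema and values are illustrative,
    not LiteLLM's real table layout."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE verification_tokens (token TEXT PRIMARY KEY, user_id TEXT)"
    )
    conn.execute(
        "INSERT INTO verification_tokens VALUES ('sk-valid-key-1', 'alice')"
    )
    return conn


def lookup_key_vulnerable(conn: sqlite3.Connection, bearer: str):
    """The CWE-89 pattern: the bearer value from the Authorization header is
    interpolated straight into the SQL text, so quotes in it change the query."""
    sql = f"SELECT user_id FROM verification_tokens WHERE token = '{bearer}'"
    return conn.execute(sql).fetchone()


def lookup_key_safe(conn: sqlite3.Connection, bearer: str):
    """The fix: the bearer value is bound as a parameter. The driver sends it as
    data, so it can never be parsed as SQL no matter what it contains."""
    sql = "SELECT user_id FROM verification_tokens WHERE token = ?"
    return conn.execute(sql, (bearer,)).fetchone()


def authenticate(lookup: Callable, bearer: str) -> Optional[str]:
    """Resolve a bearer token to a user id with the given lookup strategy,
    returning None when no key matches (i.e. authentication fails)."""
    conn = build_db()
    try:
        row = lookup(conn, bearer)
    finally:
        conn.close()
    return row[0] if row else None


if __name__ == "__main__":
    # Illustrative tautology payload (an assumption, not the advisory's payload):
    # the injected OR clause makes the WHERE condition true for every row.
    forged = "x' OR '1'='1"
    print(authenticate(lookup_key_vulnerable, "sk-valid-key-1"))  # alice
    print(authenticate(lookup_key_vulnerable, forged))            # alice (bypass)
    print(authenticate(lookup_key_safe, forged))                  # None
    print(authenticate(lookup_key_safe, "sk-valid-key-1"))        # alice
```

The vulnerable lookup returns the first stored key's owner for a token that does not exist, which is exactly the authentication bypass the advisory describes; the parameterized lookup treats the same string as an opaque value and rejects it. Parameter binding, not input filtering, is the durable fix.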

Affected versions

  • LiteLLM: versions 1.81.16 up to (but not including) 1.83.7 [S1].

Concrete fixes

  • Upgrade LiteLLM: upgrade the litellm package to version 1.83.7 or later immediately to apply the injection fix [S1].
  • Audit database logs: review database access logs for unusual query patterns or unexpected syntax originating from the proxy service [S1].

Detection

Security teams can identify exposure by:

  • Version check: scan deployed environments for LiteLLM versions within the affected range (1.81.16 to 1.83.6 inclusive) [S1].
  • Header monitoring: inspect incoming requests to the LiteLLM proxy for SQL injection patterns within the Authorization: Bearer token field [S1].
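Both detection items above can be scripted. The following added example is written for this page and is not part of LiteLLM or FixVibe: it checks a version string against the advisory's affected range, and it scans access-log lines for bearer tokens that cannot be valid API keys. The log line format, client addresses and key values are constructed for the example; the heuristic treats anything outside the RFC 6750 b64token character set (letters, digits, `-._~+/` and trailing `=`) as suspicious and then names the SQL metacharacters or keywords it finds, since a real API key never contains quotes, comment markers, semicolons or spaces.

```python
import re
from typing import List, Optional, Tuple

# Affected range from the advisory: 1.81.16 <= version < 1.83.7.
AFFECTED_MIN = (1, 81, 16)
FIXED = (1, 83, 7)


def parse_version(version: str) -> Tuple[int, ...]:
    """'1.83.6' -> (1, 83, 6). Parsing stops at the first non-numeric
    component, so a pre-release such as '1.83.7rc1' compares as (1, 83, 7)."""
    parts: List[int] = []
    for component in version.strip().split("."):
        m = re.match(r"\d+", component)
        if not m:
            break
        parts.append(int(m.group()))
    return tuple(parts)


def is_affected(version: str) -> bool:
    """True when the LiteLLM version falls inside the vulnerable range."""
    return AFFECTED_MIN <= parse_version(version) < FIXED


# RFC 6750 b64token: ALPHA / DIGIT / "-" / "." / "_" / "~" / "+" / "/" then "=" padding.
B64TOKEN = re.compile(r"^[A-Za-z0-9\-._~+/]+=*$")
SQL_KEYWORDS = re.compile(
    r"\b(or|and|union|select|insert|update|delete|drop|sleep)\b", re.I
)


def classify_bearer(header_value: str) -> Optional[str]:
    """Return a short reason when an Authorization header's bearer token looks
    like an injection attempt, or None when it is a well-formed token."""
    m = re.match(r"^\s*Bearer\s+(.*)$", header_value, re.I | re.S)
    if not m:
        return None  # not the Bearer scheme; out of scope for this check
    token = m.group(1)
    if B64TOKEN.match(token):
        return None  # only token characters present: nothing to flag
    reasons = []
    if "'" in token:
        reasons.append("quote")
    if "--" in token or "/*" in token or "#" in token:
        reasons.append("comment")
    if ";" in token:
        reasons.append("statement separator")
    kw = SQL_KEYWORDS.search(token)
    if kw:
        reasons.append(f"keyword {kw.group(1).upper()}")
    return ", ".join(reasons) if reasons else "non-b64token characters"


# Constructed access-log format (an assumption, not LiteLLM's real log layout):
# <timestamp> <client ip> <method> <path> authorization="<header value>"
LOG_RE = re.compile(
    r'^(?P<ts>\S+) (?P<ip>\S+) (?P<method>\S+) (?P<path>\S+) '
    r'authorization="(?P<auth>[^"]*)"'
)


def flag_log(lines: List[str]) -> List[Tuple[str, str]]:
    """Scan log lines and return (client ip, reason) for suspicious bearer tokens."""
    hits: List[Tuple[str, str]] = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        reason = classify_bearer(m.group("auth"))
        if reason:
            hits.append((m.group("ip"), reason))
    return hits


# Constructed sample lines; addresses are from the documentation range 203.0.113.0/24.
SAMPLE_LOG = [
    '2026-04-01T10:00:01Z 203.0.113.5 POST /chat/completions authorization="Bearer sk-AbC123xyz_0"',
    "2026-04-01T10:00:02Z 203.0.113.7 POST /chat/completions authorization=\"Bearer sk-x' OR '1'='1\"",
    '2026-04-01T10:00:03Z 203.0.113.8 GET /health authorization="Bearer sk-QrS789=="',
    "2026-04-01T10:00:04Z 203.0.113.9 POST /chat/completions authorization=\"Bearer sk-x'; SELECT 1 --\"",
]


if __name__ == "__main__":
    for v in ("1.81.15", "1.81.16", "1.83.6", "1.83.7"):
        print(v, "affected" if is_affected(v) else "not affected")
    for ip, reason in flag_log(SAMPLE_LOG):
        print(ip, "->", reason)
```

The version check is deliberately strict about the upper bound: 1.83.7 is the first fixed release and is reported as not affected. The header scan is a triage heuristic, not proof of exploitation; confirm any hit against the database logs called out under Concrete fixes.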