undefined | Better HN

0 pointsoutside23441d ago0 comments

Is it just in 1.82.8 or are previous versions impacted?

0 comments

1.82.7 is also impacted if I remember correctly.

1.82.7 doesn't have litellm_init.pth in the archive. You can download them from pypi to check.

EDIT: no, it's compromised, see proxy/proxy_server.py.

1.82.7 has the payload in `litellm/proxy/proxy_server.py` which executes on import.

j / k navigate · click thread line to collapse

0 pointsoutside23441d ago0 comments

Is it just in 1.82.8 or are previous versions impacted?

1.82.7 is also impacted if I remember correctly.

1.82.7 doesn't have litellm_init.pth in the archive. You can download them from pypi to check.

EDIT: no, it's compromised, see proxy/proxy_server.py.

1.82.7 has the payload in `litellm/proxy/proxy_server.py` which executes on import.

j / k navigate · click thread line to collapse