SSRF vulnerability in chat completion endpoint
A Server-Side Request Forgery (SSRF) vulnerability in version 1.38.10 allows an attacker to capture OpenAI API keys by supplying a malicious `api_base` parameter, which causes the server to send its authenticated upstream request to an attacker-chosen host. This issue has not yet been patched.
Available publicly on Jul 12 2024
Remediation Steps
- Update the application to validate the `api_base` parameter against a whitelist of allowed domains.
- Implement server-side checks to ensure that the `api_base` parameter cannot be set to arbitrary domains.
- Regularly rotate API keys and monitor for unauthorized usage.
- Apply rate limiting and budget management controls directly within the OpenAI account settings.
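One way to implement the first two remediation steps, written here as an added Python example (not the affected project's code); the allowed host set, the default port policy and the function names are assumptions:

```python
from urllib.parse import urlsplit, urlunsplit

# Assumed allowlist: the only upstream hosts the server may send its
# OpenAI API key to (hypothetical value for this example).
ALLOWED_API_HOSTS = frozenset({"api.openai.com"})


def validate_api_base(api_base: str, allowed_hosts=ALLOWED_API_HOSTS) -> str:
    """Return a normalised api_base, or raise ValueError if the supplied
    value would make the server send its API key to an unapproved host."""
    parts = urlsplit(api_base)
    if parts.scheme != "https":
        raise ValueError("api_base must use https")
    # "https://api.openai.com@attacker.example/" parses the allowed name as
    # userinfo and the attacker host as the real target; reject it outright.
    if parts.username is not None or parts.password is not None:
        raise ValueError("api_base must not carry credentials")
    host = parts.hostname  # lower-cased by urlsplit, brackets stripped for IPv6
    if host is None or host not in allowed_hosts:
        raise ValueError(f"api_base host {host!r} is not in the allowlist")
    # parts.port raises ValueError itself on a non-numeric port.
    if parts.port is not None and parts.port != 443:
        raise ValueError("api_base must use the default https port")
    if parts.query or parts.fragment:
        raise ValueError("api_base must not carry a query string or fragment")
    # Rebuild the URL from the parsed parts so only the validated components
    # reach the HTTP client (no trailing slash, no stray encoding).
    return urlunsplit(("https", host, parts.path.rstrip("/"), "", ""))


def is_allowed_api_base(api_base: str) -> bool:
    """Boolean wrapper for request-time checks."""
    try:
        validate_api_base(api_base)
        return True
    except ValueError:
        return False
```

Exact host matching (rather than suffix or substring matching) is what rejects look-alike names such as `api.openai.com.attacker.example`.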
Patch Details
- Fixed Version: N/A
- Patch Commit: N/A