README.md
Rendering markdown...
services:
# PostgreSQL database for LiteLLM user management
db:
image: postgres:15-alpine
container_name: litellm-privesc-db
environment:
POSTGRES_DB: litellm
POSTGRES_USER: litellm
POSTGRES_PASSWORD: litellm123
ports:
- "5433:5432"
healthcheck:
test: ["CMD-SHELL", "pg_isready -U litellm -d litellm"]
interval: 5s
timeout: 3s
retries: 10
restart: unless-stopped
# Vulnerable LiteLLM v1.82.6 — Privilege Escalation via /key/generate + /user/update
# Pinned by digest for long-term reproducibility
litellm:
image: ghcr.io/berriai/litellm@sha256:7c311546c25e7bb6e8cafede9fcd3d0d622ac636b5c9418befaa32e85dfb0186
container_name: litellm-privesc
ports:
- "4000:4000"
environment:
- LITELLM_MASTER_KEY=sk-litellm-master-key
- DATABASE_URL=postgresql://litellm:litellm123@db:5432/litellm
volumes:
- ./config.yaml:/app/config.yaml:ro
command: ["--config", "/app/config.yaml", "--port", "4000"]
depends_on:
db:
condition: service_healthy
restart: unless-stopped
# Fixed: LiteLLM v1.83.14-stable (patched — allowed_routes validation)
litellm-fixed:
image: ghcr.io/berriai/litellm:v1.83.14-stable
container_name: litellm-privesc-fixed
ports:
- "4001:4000"
environment:
- LITELLM_MASTER_KEY=sk-litellm-master-key
- DATABASE_URL=postgresql://litellm:litellm123@db:5432/litellm
volumes:
- ./config.yaml:/app/config.yaml:ro
command: ["--config", "/app/config.yaml", "--port", "4000"]
profiles:
- fixed
depends_on:
db:
condition: service_healthy
restart: unless-stopped