bug(llm): Unsupported OpenAI-Version header provided: 2024-02-15 subdomain attack surface #339
Description
Current Behavior
Subdomain > Show Attack Surface generates error
proxy-1 | 192.168.20.21 - - [25/Sep/2025:09:05:01 +0000] "GET /api/tools/llm_get_possible_attacks/?subdomain_id=31043&force_regenerate=false&check_only=true HTTP/2.0" 200 83 "https://192.168.20.105/scan/examplecom/7" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36" "-"
ollama-1 | [GIN] 2025/09/25 - 09:05:01 | 200 | 92.711µs | 172.19.0.7 | GET "/api/tags"
proxy-1 | 192.168.20.21 - - [25/Sep/2025:09:05:01 +0000] "GET /api/tools/llm_models/ HTTP/2.0" 200 1236 "https://192.168.20.105/scan/examplecom/7" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36" "-"
proxy-1 | 192.168.20.21 - - [25/Sep/2025:09:05:04 +0000] "PUT /api/tool/ollama/gpt-4/ HTTP/2.0" 200 55 "https://192.168.20.105/scan/examplecom/7" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36" "-"
web-1 | openai | error_code=None error_message='Unsupported OpenAI-Version header provided: 2024-02-15. (HINT: you can provide any of the following supported versions: 2020-10-01, 2020-11-07. Alternatively, you can simply omit this header to use the default version associated with your account.)' error_param=headers:openai-version error_type=invalid_request_error message='OpenAI API error received' stream_error=False
web-1 | llm.get_attack_suggestion | ERROR | Error in get_attack_suggestion: Unsupported OpenAI-Version header provided: 2024-02-15. (HINT: you can provide any of the following supported versions: 2020-10-01, 2020-11-07. Alternatively, you can simply omit this header to use the default version associated with your account.)
web-1 | Traceback (most recent call last):
web-1 | File "/home/rengine/rengine/reNgine/llm/llm.py", line 234, in get_attack_suggestion
web-1 | response_content = self._get_openai_response(validated_input, model_name)
web-1 | File "/home/rengine/rengine/reNgine/llm/llm.py", line 264, in _get_openai_response
web-1 | response = openai.ChatCompletion.create(
web-1 | File "/home/rengine/.cache/pypoetry/virtualenvs/celery-rengine-HmEJnPQT-py3.10/lib/python3.10/site-packages/openai/api_resources/chat_completion.py", line 25, in create
web-1 | return super().create(*args, **kwargs)
web-1 | File "/home/rengine/.cache/pypoetry/virtualenvs/celery-rengine-HmEJnPQT-py3.10/lib/python3.10/site-packages/openai/api_resources/abstract/engine_api_resource.py", line 153, in create
web-1 | response, _, api_key = requestor.request(
web-1 | File "/home/rengine/.cache/pypoetry/virtualenvs/celery-rengine-HmEJnPQT-py3.10/lib/python3.10/site-packages/openai/api_requestor.py", line 298, in request
web-1 | resp, got_stream = self._interpret_response(result, stream)
web-1 | File "/home/rengine/.cache/pypoetry/virtualenvs/celery-rengine-HmEJnPQT-py3.10/lib/python3.10/site-packages/openai/api_requestor.py", line 700, in _interpret_response
web-1 | self._interpret_response_line(
web-1 | File "/home/rengine/.cache/pypoetry/virtualenvs/celery-rengine-HmEJnPQT-py3.10/lib/python3.10/site-packages/openai/api_requestor.py", line 765, in _interpret_response_line
web-1 | raise self.handle_error_response(
web-1 | openai.error.InvalidRequestError: Unsupported OpenAI-Version header provided: 2024-02-15. (HINT: you can provide any of the following supported versions: 2020-10-01, 2020-11-07. Alternatively, you can simply omit this header to use the default version associated with your account.)
web-1 | reNgine.llm.llm | Error in get_attack_suggestion: Unsupported OpenAI-Version header provided: 2024-02-15. (HINT: you can provide any of the following supported versions: 2020-10-01, 2020-11-07. Alternatively, you can simply omit this header to use the default version associated with your account.)
web-1 | Traceback (most recent call last):
web-1 | File "/home/rengine/rengine/reNgine/llm/llm.py", line 234, in get_attack_suggestion
web-1 | response_content = self._get_openai_response(validated_input, model_name)
web-1 | File "/home/rengine/rengine/reNgine/llm/llm.py", line 264, in _get_openai_response
web-1 | response = openai.ChatCompletion.create(
web-1 | File "/home/rengine/.cache/pypoetry/virtualenvs/celery-rengine-HmEJnPQT-py3.10/lib/python3.10/site-packages/openai/api_resources/chat_completion.py", line 25, in create
web-1 | return super().create(*args, **kwargs)
web-1 | File "/home/rengine/.cache/pypoetry/virtualenvs/celery-rengine-HmEJnPQT-py3.10/lib/python3.10/site-packages/openai/api_resources/abstract/engine_api_resource.py", line 153, in create
web-1 | response, _, api_key = requestor.request(
web-1 | File "/home/rengine/.cache/pypoetry/virtualenvs/celery-rengine-HmEJnPQT-py3.10/lib/python3.10/site-packages/openai/api_requestor.py", line 298, in request
web-1 | resp, got_stream = self._interpret_response(result, stream)
web-1 | File "/home/rengine/.cache/pypoetry/virtualenvs/celery-rengine-HmEJnPQT-py3.10/lib/python3.10/site-packages/openai/api_requestor.py", line 700, in _interpret_response
web-1 | self._interpret_response_line(
web-1 | File "/home/rengine/.cache/pypoetry/virtualenvs/celery-rengine-HmEJnPQT-py3.10/lib/python3.10/site-packages/openai/api_requestor.py", line 765, in _interpret_response_line
web-1 | raise self.handle_error_response(
web-1 | openai.error.InvalidRequestError: Unsupported OpenAI-Version header provided: 2024-02-15. (HINT: you can provide any of the following supported versions: 2020-10-01, 2020-11-07. Alternatively, you can simply omit this header to use the default version associated with your account.)
proxy-1 | 192.168.20.21 - - [25/Sep/2025:09:05:05 +0000] "GET /api/tools/llm_get_possible_attacks/?subdomain_id=31043&force_regenerate=false&check_only=false&llm_model=gpt-4 HTTP/2.0" 200 846 "https://192.168.20.105/scan/examplecom/7" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36" "-"
celery-beat-1 | django_celery_beat.schedulers | Writing entries...
Expected Behavior
Shows attack surface generated by OpenAI
Steps To Reproduce
Scan History > View View Results on Scan > Subdomains > Show Attack Surface
Environment
- reNgine: 2.2.1
- OS: Ubuntu 22.04
- Python: 3.10.4
- Docker Engine: 28.4.0, build d8eb465
- Docker Compose:
- Browser: Vivaldi 7.6.3797.55 (Stable channel) stable (64-bit)Anything else?
No response
Acknowledgements
- This issue is not a duplicate of an existing bug report.
- I have chosen an appropriate title.
- All requested information has been provided properly.