Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/03/22 11:16 a.m.8 views

CVE-2024-8019

In lightning-ai/pytorch-lightning version 2.3.2, a vulnerability exists in the LightningApp when running on a Windows host. The vulnerability occurs at the /api/v1/uploadfile/ endpoint, allowing an attacker to write or overwrite arbitrary files by providing a crafted filename. This can lead to...

9.1CVSS7.8AI score0.01019EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2025/03/20 12:32 p.m.7 views

admetica (>=1.3.0 <=1.4.1), adversarial-insight-ml (=0.1.0) +151 more potentially affected by CVE-2024-8019 via pytorch-lightning (>=2.0.0 <=2.3.3)

pytorch-lightning PYPI version =2.0.0, =1.3.0, =1.8.15, =1.8.17, =1.8.14, =0.1.16, =1.0.0, =0.8.3b20230802, =0.8.3b20230802, =0.8.3b20230802, =1.1.2b20241106 and more Source cves: CVE-2024-8019 Source advisory: SNYK:PYTHON-PYTORCHLIGHTNING-9510928...

9.1CVSS7.2AI score0.01019EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/03/20 12:32 p.m.2 views

ablation (=0.1.0), acids-msprior (>=1.0.1 <=1.1.3) +521 more potentially affected by CVE-2024-8019 via pytorch-lightning (>=0.10.0 <=2.3.3)

pytorch-lightning PYPI version =0.10.0, =1.0.1, =2.1.16, =1.3.0, =1.8.15, =1.8.17, =1.8.14, =0.1.16, =0.2.2, =1.0.0.dev0 - arcagent =0.0.1 - arccmd =0.2.0 - arcmas =0.2.0 and more Source cves: CVE-2024-8019 Source advisory: OSV:GHSA-4CV3-V7PV-RFHF...

9.1CVSS7.7AI score0.01019EPSS
Exploits1
Circl
Circl
added 2025/03/20 11:40 a.m.6 views

CVE-2024-8019

creationtimestamp| type| source ---|---|--- 2025-03-20 11:40:38+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3lksmhomiqy22 2025-03-20 19:18:43+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8277...

9.1CVSS8.5AI score0.01019EPSS
Exploits1References2
NVD
NVD
added 2025/03/20 10:15 a.m.4 views

CVE-2024-8019

In lightning-ai/pytorch-lightning version 2.3.2, a vulnerability exists in the LightningApp when running on a Windows host. The vulnerability occurs at the /api/v1/uploadfile/ endpoint, allowing an attacker to write or overwrite arbitrary files by providing a crafted filename. This can lead to...

9.1CVSS0.01019EPSS
Exploits1References2
OSV
OSV
added 2025/03/20 10:8 a.m.6 views

CVE-2024-8019 Arbitrary File Write/Overwrite in lightning-ai/pytorch-lightning

In lightning-ai/pytorch-lightning version 2.3.2, a vulnerability exists in the LightningApp when running on a Windows host. The vulnerability occurs at the /api/v1/uploadfile/ endpoint, allowing an attacker to write or overwrite arbitrary files by providing a crafted filename. This can lead to...

9.1CVSS7.9AI score0.01019EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/03/20 10:8 a.m.10 views

CVE-2024-8019 Arbitrary File Write/Overwrite in lightning-ai/pytorch-lightning

In lightning-ai/pytorch-lightning version 2.3.2, a vulnerability exists in the LightningApp when running on a Windows host. The vulnerability occurs at the /api/v1/uploadfile/ endpoint, allowing an attacker to write or overwrite arbitrary files by providing a crafted filename. This can lead to...

9.1CVSS0.01019EPSS
Exploits1References2
CVE
CVE
added 2025/03/20 10:8 a.m.76 views

CVE-2024-8019

Lightning AI PyTorch Lightning 2.3.2 exposes a vulnerable LightningApp on Windows via /api/v1/upload_file/. An attacker can write/overwrite arbitrary files by crafting a filename, potentially enabling remote code execution (RCE) and compromising integrity and availability (CVSS 3.1/3.0: 9.1). Aff...

9.1CVSS9.4AI score0.01019EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder