8 matches found
CVE-2024-8019
In lightning-ai/pytorch-lightning version 2.3.2, a vulnerability exists in the LightningApp when running on a Windows host. The vulnerability occurs at the /api/v1/uploadfile/ endpoint, allowing an attacker to write or overwrite arbitrary files by providing a crafted filename. This can lead to...
admetica (>=1.3.0 <=1.4.1), adversarial-insight-ml (=0.1.0) +151 more potentially affected by CVE-2024-8019 via pytorch-lightning (>=2.0.0 <=2.3.3)
pytorch-lightning PYPI version =2.0.0, =1.3.0, =1.8.15, =1.8.17, =1.8.14, =0.1.16, =1.0.0, =0.8.3b20230802, =0.8.3b20230802, =0.8.3b20230802, =1.1.2b20241106 and more Source cves: CVE-2024-8019 Source advisory: SNYK:PYTHON-PYTORCHLIGHTNING-9510928...
ablation (=0.1.0), acids-msprior (>=1.0.1 <=1.1.3) +521 more potentially affected by CVE-2024-8019 via pytorch-lightning (>=0.10.0 <=2.3.3)
pytorch-lightning PYPI version =0.10.0, =1.0.1, =2.1.16, =1.3.0, =1.8.15, =1.8.17, =1.8.14, =0.1.16, =0.2.2, =1.0.0.dev0 - arcagent =0.0.1 - arccmd =0.2.0 - arcmas =0.2.0 and more Source cves: CVE-2024-8019 Source advisory: OSV:GHSA-4CV3-V7PV-RFHF...
CVE-2024-8019
creationtimestamp| type| source ---|---|--- 2025-03-20 11:40:38+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3lksmhomiqy22 2025-03-20 19:18:43+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8277...
CVE-2024-8019
In lightning-ai/pytorch-lightning version 2.3.2, a vulnerability exists in the LightningApp when running on a Windows host. The vulnerability occurs at the /api/v1/uploadfile/ endpoint, allowing an attacker to write or overwrite arbitrary files by providing a crafted filename. This can lead to...
CVE-2024-8019 Arbitrary File Write/Overwrite in lightning-ai/pytorch-lightning
In lightning-ai/pytorch-lightning version 2.3.2, a vulnerability exists in the LightningApp when running on a Windows host. The vulnerability occurs at the /api/v1/uploadfile/ endpoint, allowing an attacker to write or overwrite arbitrary files by providing a crafted filename. This can lead to...
CVE-2024-8019 Arbitrary File Write/Overwrite in lightning-ai/pytorch-lightning
In lightning-ai/pytorch-lightning version 2.3.2, a vulnerability exists in the LightningApp when running on a Windows host. The vulnerability occurs at the /api/v1/uploadfile/ endpoint, allowing an attacker to write or overwrite arbitrary files by providing a crafted filename. This can lead to...
CVE-2024-8019
Lightning AI PyTorch Lightning 2.3.2 exposes a vulnerable LightningApp on Windows via /api/v1/upload_file/. An attacker can write/overwrite arbitrary files by crafting a filename, potentially enabling remote code execution (RCE) and compromising integrity and availability (CVSS 3.1/3.0: 9.1). Aff...