PT-2025-12205 · Lightning Ai · Pytorch-Lightning

Name of the Vulnerable Software and Affected Versions: pytorch-lightning version 2.3.2 Description: A vulnerability in pytorch-lightning version 2.3.2 allows an attacker to cause a denial of service by sending an unexpected POST request to the /api/v1/state endpoint of LightningApp. This issue...

CVE-2021-4118

pytorch-lightning is vulnerable to Deserialization of Untrusted Data...

PT-2024-36377 · Unknown +1 · Pytorch-Lightning +1

Name of the Vulnerable Software and Affected Versions: pytorch-lightning version 2.2.1 Description: A remote code execution issue exists due to improper handling of deserialized user input and mismanagement of dunder attributes by the deepdiff library. The library uses deepdiff.Delta objects to...