Описание
A vulnerability in lightning-ai/pytorch-lightning version 2.3.2 allows an attacker to cause a denial of service by sending an unexpected POST request to the /api/v1/state endpoint of LightningApp. This issue occurs due to improper handling of unexpected state values, which results in the server shutting down.
Ссылки
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:lightningai:pytorch_lightning:2.3.2:*:*:*:*:python:*:*
EPSS
Процентиль: 19%
0.0006
Низкий
7.5 High
CVSS3
Дефекты
CWE-248
Связанные уязвимости
CVSS3: 7.5
redhat
10 месяцев назад
A vulnerability in lightning-ai/pytorch-lightning version 2.3.2 allows an attacker to cause a denial of service by sending an unexpected POST request to the `/api/v1/state` endpoint of `LightningApp`. This issue occurs due to improper handling of unexpected state values, which results in the server shutting down.
CVSS3: 7.5
github
10 месяцев назад
PyTorch Lightning denial of service vulnerability
EPSS
Процентиль: 19%
0.0006
Низкий
7.5 High
CVSS3
Дефекты
CWE-248