High severityNVD Advisory· Published Mar 20, 2025· Updated Oct 15, 2025
Denial of Service in lightning-ai/pytorch-lightning
CVE-2024-8020
Description
A vulnerability in lightning-ai/pytorch-lightning version 2.3.2 allows an attacker to cause a denial of service by sending an unexpected POST request to the /api/v1/state endpoint of LightningApp. This issue occurs due to improper handling of unexpected state values, which results in the server shutting down.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
pytorch-lightningPyPI | <= 2.3.2 | — |
Affected products
3- osv-coords2 versions
< 2.2.1-r0+ 1 more
- (no CPE)range: < 2.2.1-r0
- (no CPE)range: <= 2.3.2
- Range: unspecified
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.