VYPR
High severityNVD Advisory· Published Mar 20, 2025· Updated Oct 15, 2025

Denial of Service in lightning-ai/pytorch-lightning

CVE-2024-8020

Description

A vulnerability in lightning-ai/pytorch-lightning version 2.3.2 allows an attacker to cause a denial of service by sending an unexpected POST request to the /api/v1/state endpoint of LightningApp. This issue occurs due to improper handling of unexpected state values, which results in the server shutting down.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
pytorch-lightningPyPI
<= 2.3.2

Affected products

3

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.