pytorch-lightning is vulnerable to Deserialization of Untrusted Data
References
Link | Resource |
---|---|
https://github.com/pytorchlightning/pytorch-lightning/commit/62f1e82e032eb16565e676d39e0db0cac7e34ace | Patch Third Party Advisory |
https://huntr.dev/bounties/31832f0c-e5bb-4552-a12c-542f81f111e6 | Exploit Issue Tracking Patch Third Party Advisory |
Configurations
History
09 Oct 2024, 11:56
Type | Values Removed | Values Added |
---|---|---|
First Time |
Lightningai
Lightningai pytorch Lightning |
|
CPE | cpe:2.3:a:lightningai:pytorch_lightning:*:*:*:*:*:python:*:* |
Information
Published : 2021-12-23 18:15
Updated : 2024-10-09 11:56
NVD link : CVE-2021-4118
Mitre link : CVE-2021-4118
CVE.ORG link : CVE-2021-4118
JSON object : View
Products Affected
lightningai
- pytorch_lightning
CWE
CWE-502
Deserialization of Untrusted Data