Denial of Service in lightning-ai/pytorch-lightning

A vulnerability in lightning-ai/pytorch-lightning version 2.3.2 allows an attacker to cause a denial of service by sending an unexpected POST request to the `/api/v1/state` endpoint of `LightningApp`. This issue occurs due to improper handling of unexpected state values, which results in the server shutting down.

N/A

未捕获的异常

Lightning 资源管理错误漏洞

Lightning是Lightning AI开源的一个预训练框架，可以在多个 GPU、TPU 上微调任何大小的任何 AI 模型。 Lightning 2.3.2版本存在资源管理错误漏洞，该漏洞源于/api/v1/state端点处理不当，可能导致拒绝服务。

N/A

N/A