CVE-2024-8020 Information

Description

A vulnerability in lightning-ai/pytorch-lightning version 2.3.2 allows an attacker to cause a denial of service by sending an unexpected POST request to the /api/v1/state endpoint of LightningApp. This issue occurs due to improper handling of unexpected state values which results in the server shutting down.

Reference

https://huntr.com/bounties/8b642a78-2b80-4fb0-9b2f-8ba0ff37db6a