📦 Pytorch Lightning

This vulnerability in PyTorch Lightning's LightningApp allows attackers to write arbitrary files via a crafted filename at the /api/v1/upload_file/ endpoint on Windows hosts. This can lead to remote c...

A path traversal vulnerability in PyTorch Lightning's /v1/runs API endpoint allows attackers to write arbitrary files anywhere on the local filesystem when extracting malicious tar.gz plugin files. Th...

This vulnerability allows remote attackers to execute arbitrary code on self-hosted PyTorch Lightning applications by exploiting improper deserialization in the deepdiff library. Attackers can bypass ...

CVE-2022-0845 is a critical code injection vulnerability in PyTorch Lightning that allows attackers to execute arbitrary code by exploiting improper input validation. This affects all users of PyTorch...