GHSA-2vj5-px25-gjrp
Suggest an improvement- Source
- https://github.com/advisories/GHSA-2vj5-px25-gjrp
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/01/GHSA-2vj5-px25-gjrp/GHSA-2vj5-px25-gjrp.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-2vj5-px25-gjrp
- Aliases
- Published
- 2022-01-06T23:58:59Z
- Modified
- 2024-10-25T21:01:10.567601Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- 8.5 (High) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVSS Calculator
- Summary
- pytorch-lightning is vulnerable to Deserialization of Untrusted Data
- Details
-
pytorch-lightning is vulnerable to Deserialization of Untrusted Data.
- Database specific
{ "severity": "HIGH", "github_reviewed": true, "cwe_ids": [ "CWE-502" ], "nvd_published_at": "2021-12-23T18:15:00Z", "github_reviewed_at": "2022-01-05T17:49:21Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2021-4118
- https://github.com/PyTorchLightning/pytorch-lightning/issues/11045
- https://github.com/PyTorchLightning/pytorch-lightning/pull/11099
- https://github.com/pytorchlightning/pytorch-lightning/commit/62f1e82e032eb16565e676d39e0db0cac7e34ace
- https://github.com/PyTorchLightning/pytorch-lightning/releases/tag/1.6.0
- https://github.com/advisories/GHSA-2vj5-px25-gjrp
- https://github.com/pypa/advisory-database/tree/main/vulns/pytorch-lightning/PYSEC-2021-874.yaml
- https://github.com/pytorchlightning/pytorch-lightning
- https://huntr.dev/bounties/31832f0c-e5bb-4552-a12c-542f81f111e6
Affected packages
PyPI / pytorch-lightning
Package
- Name
- pytorch-lightning
- View open source insights on deps.dev
- Purl
- pkg:pypi/pytorch-lightning
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.6.0
Affected versions
0.*
0.0.2
0.2
0.2.2
0.2.3
0.2.4
0.2.4.1
0.2.5
0.2.5.1
0.2.5.2
0.2.6
0.3
0.3.1
0.3.2
0.3.3
0.3.4
0.3.4.1
0.3.5
0.3.6
0.3.6.1
0.3.6.3
0.3.6.4
0.3.6.5
0.3.6.6
0.3.6.7
0.3.6.8
0.3.6.9
0.4.0
0.4.1
0.4.2
0.4.3
0.4.4
0.4.5
0.4.6
0.4.7
0.4.8
0.4.9
0.5.0
0.5.1
0.5.1.2
0.5.1.3
0.5.2
0.5.2.1
0.5.3
0.5.3.1
0.5.3.2
0.5.3.3
0.6.0
0.7.1
0.7.3
0.7.5
0.7.6
0.8.1
0.8.3
0.8.4
0.8.5
0.9.0
0.10.0
1.*
1.0.0
1.0.1
1.0.2
1.0.3
1.0.4
1.0.5
1.0.6
1.0.7
1.0.8
1.1.0
1.1.1
1.1.2
1.1.3
1.1.4
1.1.5
1.1.6
1.1.7
1.1.8
1.2.0rc0
1.2.0rc1
1.2.0rc2
1.2.0
1.2.1
1.2.2
1.2.3
1.2.4
1.2.5
1.2.6
1.2.7
1.2.8
1.2.9
1.2.10
1.3.0rc1
1.3.0rc2
1.3.0rc3
1.3.0
1.3.1
1.3.2
1.3.3
1.3.4
1.3.5
1.3.6
1.3.7
1.3.7.post0
1.3.8
1.4.0rc0
1.4.0rc1
1.4.0rc2
1.4.0
1.4.1
1.4.2
1.4.3
1.4.4
1.4.5
1.4.6
1.4.7
1.4.8
1.4.9
1.5.0rc0
1.5.0rc1
1.5.0
1.5.1
1.5.2
1.5.3
1.5.4
1.5.5
1.5.6
1.5.7
1.5.8
1.5.9
1.5.10
1.6.0rc0
1.6.0rc1