{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T10:46:38.162","vulnerabilities":[{"cve":{"id":"CVE-2024-8020","sourceIdentifier":"security@huntr.dev","published":"2025-03-20T10:15:39.137","lastModified":"2025-10-15T13:15:53.443","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in lightning-ai/pytorch-lightning version 2.3.2 allows an attacker to cause a denial of service by sending an unexpected POST request to the `/api/v1/state` endpoint of `LightningApp`. This issue occurs due to improper handling of unexpected state values, which results in the server shutting down."},{"lang":"es","value":"Una vulnerabilidad en lightning-ai/pytorch-lightning versión 2.3.2 permite a un atacante provocar una denegación de servicio mediante el envío de una solicitud POST inesperada al endpoint `/api/v1/state` de `LightningApp`. Este problema se produce debido a la gestión incorrecta de valores de estado inesperados, lo que provoca el apagado del servidor."}],"metrics":{"cvssMetricV30":[{"source":"security@huntr.dev","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security@huntr.dev","type":"Secondary","description":[{"lang":"en","value":"CWE-248"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:lightningai:pytorch_lightning:2.3.2:*:*:*:*:python:*:*","matchCriteriaId":"9DAFEB66-8316-421A-A6DC-9BF552A7AB6B"}]}]}],"references":[{"url":"https://huntr.com/bounties/8b642a78-2b80-4fb0-9b2f-8ba0ff37db6a","source":"security@huntr.dev","tags":["Exploit","Third Party Advisory"]}]}}]}