InnerEye-DeepLearning icon indicating copy to clipboard operation
InnerEye-DeepLearning copied to clipboard

Published 20 hours ago verified publisher icon microsoft

Pytorch-lightning < 1.5.8 is vulnerable and we are using 1.5.5

Open fepegar opened this issue 3 years ago • 0 comments

pytorch-lightning < 1.5.8 is vulnerable to Deserialization of Untrusted Data. We are using 1.5.5:

https://github.com/microsoft/InnerEye-DeepLearning/blob/914a89383d3275cb3304bde9c6cdd6050357f3f7/environment.yml#L57

Should we use a newer version?

AB#4978

fepegar avatar Feb 15 '22 09:02 fepegar