3 matches found
Security Bulletin: IBM Maximo Application Suite - Monitor Component uses transformers-4.51.3-py3-none-any.whl which is vulnerable to CVE-2025-6921.
Summary IBM Maximo Application Suite - Monitor Component uses transformers-4.51.3-py3-none-any.whl which is vulnerable to CVE-2025-6921. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-6921 DESCRIPTION: The huggingface/transformers library,...
3m (=0.1.0), aaa-ml-datasets-course (=1.0.0) +1759 more potentially affected by CVE-2025-6921 via transformers (>=4.0.0 <=4.52.4)
transformers PYPI version =4.0.0, =0.0.4.80, =0.1.0, =0.1.1, =0.1.0, =0.0.3, =0.0.0.dev20230804, =0.1.0, =0.3.0, =0.1.0, =0.2.5, =0.0.1, =0.1.2 and more Source cves: CVE-2025-6921 Source advisory: SNYK:PYTHON-TRANSFORMERS-13018959...
CVE-2025-6921
The huggingface/transformers library, versions prior to 4.53.0, is vulnerable to Regular Expression Denial of Service ReDoS in the AdamWeightDecay optimizer. The vulnerability arises from the douseweightdecay method, which processes user-controlled regular expressions in the includeinweightdecay...