3 matches found
Security Bulletin: IBM Maximo Application Suite - Monitor Component uses transformers-4.51.3-py3-none-any.whl which is vulnerable to CVE-2025-3933.
Summary IBM Maximo Application Suite - Monitor Component uses transformers-4.51.3-py3-none-any.whl which is vulnerable to CVE-2025-3933. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-3933 DESCRIPTION: A Regular Expression Deni...
GHSA-37MW-44QP-F5JM Transformers is vulnerable to ReDoS attack through its DonutProcessor class
A Regular Expression Denial of Service ReDoS vulnerability was discovered in the Hugging Face Transformers library, specifically within the DonutProcessor class's token2json method. This vulnerability affects versions 4.51.3 and earlier, and is fixed in version 4.52.1. The issue arises from the...
Regular Expression Denial of Service (ReDoS)
Overview transformers is a State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the token2json function in the processingdonut module. An attacker can cause high CPU usage and potential...