Lucene search
K

84 matches found

OSV
OSV
added 2025/05/19 12:15 p.m.4 views

PYSEC-2025-40

A vulnerability in the preprocessstring function of the transformers.testingutils module in huggingface/transformers version v4.48.3 allows for a Regular Expression Denial of Service ReDoS attack. The regular expression used to process code blocks in docstrings contains nested quantifiers, leadin...

7.5CVSS7.2AI score0.00507EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/05/19 11:22 a.m.10 views

CVE-2025-2099 Regular Expression Denial of Service (ReDoS) in huggingface/transformers

A vulnerability in the preprocessstring function of the transformers.testingutils module in huggingface/transformers version v4.48.3 allows for a Regular Expression Denial of Service ReDoS attack. The regular expression used to process code blocks in docstrings contains nested quantifiers, leadin...

5.3CVSS5.4AI score0.00507EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/05/19 11:22 a.m.29 views

CVE-2025-2099 Regular Expression Denial of Service (ReDoS) in huggingface/transformers

A vulnerability in the preprocessstring function of the transformers.testingutils module in huggingface/transformers version v4.48.3 allows for a Regular Expression Denial of Service ReDoS attack. The regular expression used to process code blocks in docstrings contains nested quantifiers, leadin...

5.3CVSS0.00507EPSS
Exploits1References2
CVE
CVE
added 2025/05/19 11:22 a.m.58 views

CVE-2025-2099

CVE-2025-2099 describes a ReDoS in huggingface/transformers v4.48.3 due to a nested-quantifier regex in preprocess_string() within transformers.testing_utils. The issue causes exponential backtracking on input with many newlines, leading to high CPU usage and potential DoS. Connected documents co...

7.5CVSS5.3AI score0.00507EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/01 12:0 p.m.8 views

CVE-2025-1194

A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in the file tokenizationgptneoxjapanese.py of the GPT-NeoX-Japanese model. The vulnerability occurs in the SubWordJapaneseTokenizer class, where regular expressions...

6.5CVSS6.7AI score0.00384EPSS
Exploits1References1
OSV
OSV
added 2025/04/29 12:30 p.m.11 views

GHSA-FPWR-67PX-3QHX Transformers Regular Expression Denial of Service (ReDoS) vulnerability

A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in the file tokenizationgptneoxjapanese.py of the GPT-NeoX-Japanese model. The vulnerability occurs in the SubWordJapaneseTokenizer class, where regular expressions...

4.3CVSS6.7AI score0.00384EPSS
Exploits1References4
NVD
NVD
added 2025/04/29 12:15 p.m.11 views

CVE-2025-1194

A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in the file tokenizationgptneoxjapanese.py of the GPT-NeoX-Japanese model. The vulnerability occurs in the SubWordJapaneseTokenizer class, where regular expressions...

6.5CVSS0.00384EPSS
Exploits1References2
OSV
OSV
added 2025/04/29 12:15 p.m.8 views

CVE-2025-1194

A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in the file tokenizationgptneoxjapanese.py of the GPT-NeoX-Japanese model. The vulnerability occurs in the SubWordJapaneseTokenizer class, where regular expressions...

6.5CVSS6.5AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/04/29 11:30 a.m.5 views

CVE-2025-1194 Regular Expression Denial of Service (ReDoS) in huggingface/transformers

A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in the file tokenizationgptneoxjapanese.py of the GPT-NeoX-Japanese model. The vulnerability occurs in the SubWordJapaneseTokenizer class, where regular expressions...

4.3CVSS4.6AI score0.00384EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/04/29 11:30 a.m.21 views

CVE-2025-1194 Regular Expression Denial of Service (ReDoS) in huggingface/transformers

A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in the file tokenizationgptneoxjapanese.py of the GPT-NeoX-Japanese model. The vulnerability occurs in the SubWordJapaneseTokenizer class, where regular expressions...

4.3CVSS0.00384EPSS
Exploits1References2
CVE
CVE
added 2025/04/29 11:30 a.m.214 views

CVE-2025-1194

CVE-2025-1194 – ReDoS in HuggingFace Transformers (GPT-NeoX-Japanese SubWordJapaneseTokenizer) The CVE describes a Regular Expression Denial of Service in the HuggingFace transformers package, specifically in tokenization_gpt_neox_japanese.py (GPT-NeoX-Japanese model). The vulnerability arises fr...

6.5CVSS4.5AI score0.00384EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/03/22 1:11 p.m.10 views

CVE-2024-12720

A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in the file tokenizationnougatfast.py. The vulnerability occurs in the postprocesssingle function, where a regular expression processes specially crafted input. The issu...

7.5CVSS6.7AI score0.00684EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/03/20 12:32 p.m.18 views

Transformers Regular Expression Denial of Service (ReDoS) vulnerability

A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in the file tokenizationnougatfast.py. The vulnerability occurs in the postprocesssingle function, where a regular expression processes specially crafted input. The issu...

7.5CVSS6.6AI score0.00684EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/03/20 12:32 p.m.5 views

GHSA-6RVG-6V2M-4J46 Transformers Regular Expression Denial of Service (ReDoS) vulnerability

A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in the file tokenizationnougatfast.py. The vulnerability occurs in the postprocesssingle function, where a regular expression processes specially crafted input. The issu...

5.3CVSS6.9AI score0.00684EPSS
Exploits0References4
NVD
NVD
added 2025/03/20 10:15 a.m.9 views

CVE-2024-12720

A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in the file tokenizationnougatfast.py. The vulnerability occurs in the postprocesssingle function, where a regular expression processes specially crafted input. The issu...

7.5CVSS0.00684EPSS
Exploits0References2
OSV
OSV
added 2025/03/20 10:15 a.m.8 views

CVE-2024-12720

A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in the file tokenizationnougatfast.py. The vulnerability occurs in the postprocesssingle function, where a regular expression processes specially crafted input. The issu...

7.5CVSS6.9AI score
Exploits0References2
Cvelist
Cvelist
added 2025/03/20 10:11 a.m.16 views

CVE-2024-12720 Regular Expression Denial of Service (ReDoS) in huggingface/transformers

A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in the file tokenizationnougatfast.py. The vulnerability occurs in the postprocesssingle function, where a regular expression processes specially crafted input. The issu...

5.3CVSS0.00684EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/03/20 10:11 a.m.7 views

CVE-2024-12720 Regular Expression Denial of Service (ReDoS) in huggingface/transformers

A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in the file tokenizationnougatfast.py. The vulnerability occurs in the postprocesssingle function, where a regular expression processes specially crafted input. The issu...

5.3CVSS5.2AI score0.00684EPSS
Exploits0References2
CVE
CVE
added 2025/03/20 10:11 a.m.251 views

CVE-2024-12720

CVE-2024-12720 affects Hugging Face Transformers, in particular the file tokenization_nougat_fast.py within the post_process_single() function. The issue is a RegEx that can exhibit exponential backtracking, leading to high CPU usage and potential DoS under crafted input. Affected version cited: ...

7.5CVSS6.8AI score0.00684EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/03/20 12:0 a.m.3 views

PT-2025-12141 · Hugging Face · Huggingface/Transformers

Name of the Vulnerable Software and Affected Versions: huggingface/transformers version v4.46.3 Description: A Regular Expression Denial of Service ReDoS issue was identified in the huggingface/transformers library, specifically in the file tokenization nougat fast.py. The issue occurs in the pos...

7.5CVSS6.9AI score0.00684EPSS
Exploits0References8
Rows per page
Query Builder