Regular Expression Denial Of Service (ReDoS)

Transformers is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to inefficient regular expression processing due to a regex with exponential time complexity in the SubWordJapaneseTokenizer class, leading to excessive backtracking and high CPU usage...

CVE-2025-1194

A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in the file tokenizationgptneoxjapanese.py of the GPT-NeoX-Japanese model. The vulnerability occurs in the SubWordJapaneseTokenizer class, where regular expressions...

CVE-2025-1194

A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in the file tokenizationgptneoxjapanese.py of the GPT-NeoX-Japanese model. The vulnerability occurs in the SubWordJapaneseTokenizer class, where regular expressions...

CVE-2025-1194

CVE-2025-1194 – ReDoS in HuggingFace Transformers (GPT-NeoX-Japanese SubWordJapaneseTokenizer) The CVE describes a Regular Expression Denial of Service in the HuggingFace transformers package, specifically in tokenization_gpt_neox_japanese.py (GPT-NeoX-Japanese model). The vulnerability arises fr...

PT-2025-18141 · Hugging Face · Huggingface/Transformers

Name of the Vulnerable Software and Affected Versions: huggingface/transformers library version v4.48.1 Description: A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in the file tokenization gpt neox japanese.py of the...

Regular expression Denial of Service - ReDoS

Description A Regular Expression Denial of Service ReDoS vulnerability was identified in the Transformers library, specifically in the file tokenizationgptneoxjapanese.py of the GPT-NeoX-Japanese model. The vulnerability occurs in the SubWordJapaneseTokenizer class, where regular expressions...