9 matches found
CVE-2025-14929
A flaw was found in the Hugging Face Transformers library. The parsing of checkpoints fails to validate user-supplied data, causing a deserialization of untrusted data. An attacker can exploit this issue by providing a malicious X-CLIP model, resulting in arbitrary code execution in the context o...
PYSEC-2025-217
Hugging Face Transformers X-CLIP Checkpoint Conversion Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this...
CVE-2025-14929
Hugging Face Transformers X-CLIP Checkpoint Conversion Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this...
PYSEC-2025-217
Hugging Face Transformers X-CLIP Checkpoint Conversion Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this...
CVE-2025-14929
Hugging Face Transformers X-CLIP Checkpoint Conversion Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this...
CVE-2025-14929
CVE-2025-14929 concerns Hugging Face Transformers (X-CLIP) checkpoint conversion. The vulnerability stems from improper validation during checkpoint parsing, enabling deserialization of untrusted data and resulting in remote code execution in the process that handles the file. Attacker interactio...
CVE-2025-14929 Hugging Face Transformers X-CLIP Checkpoint Conversion Deserialization of Untrusted Data Remote Code Execution Vulnerability
Hugging Face Transformers X-CLIP Checkpoint Conversion Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this...
Hugging Face Transformers 代码问题漏洞
Hugging Face Transformers is a Hugging Face open source framework for defining state-of-the-art machine learning models covering textual, visual, audio, and multimodal models for inference and training. A code issue vulnerability exists in Hugging Face Transformers that stems from a lack of...
PT-2025-52386
Name of the Vulnerable Software and Affected Versions Hugging Face Transformers affected versions not specified Description A flaw exists in Hugging Face Transformers related to the parsing of checkpoints, allowing remote attackers to execute arbitrary code. The issue stems from insufficient...