Lucene search
K

12 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/10/22 10:57 a.m.10 views

Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in transformers-4.48.3-py3-none-any.whl

Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in transformers-4.48.3-py3-none-any.whl Vulnerability Details CVEID:CVE-2025-1194 DESCRIPTION: A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers...

6.5CVSS4.6AI score0.00384EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/23 12:42 p.m.4 views

Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses vulnerable huggingface/transformers library.

Summary Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses vulnerable huggingface/transformers library. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-1194 DESCRIPTION: A Regular Expression Denial of...

6.5CVSS6.2AI score0.00384EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/28 3:23 p.m.9 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a Denial of Service in huggingface/transformers [CVE-2025-1194]

Summary IBM Watson Speech Services Cartridge is vulnerable to a Denial of Service in huggingface/transformers, caused by a regex exhibiting exponential complexity under certain conditions with specially crafted inputs, leading to excessive backtracking CVE-2025-1194. Huggingface/transformers is...

6.5CVSS4.8AI score0.00384EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/23 10:53 a.m.5 views

Security Bulletin: IBM watsonx Code Assistant On Prem product impacted by Input Handling Vulnerability in Transformers 4.49.0

Summary A vulnerability CVE-2025-1194 has been identified in the Transformers Python package version 4.49.0, which impacts the IBM watsonx Code Assistant On-Premises product. The issue arises from improper input validation during model configuration loading, which may allow attackers to execute...

6.5CVSS5.6AI score0.00384EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/29 7:23 a.m.19 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to transformers-4.46.3-py3-none-any.whl CVE-2025-1194

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to transformers-4.46.3-py3-none-any.whl CVE-2025-1194. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-1194 DESCRIPTION: A Regular Expression Denial of Service...

6.5CVSS6.3AI score0.00384EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/09 12:22 p.m.9 views

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to denial of service [CVE-2024-6827, CVE-2025-1194]

Summary Python modules gunicorn and transformers are used by IBM App Connect Enterprise Certified Container when providing mapping assistance. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to denial of service. This bulletin...

7.5CVSS4.5AI score0.00738EPSS
Exploits1Affected Software1
Chainguard
Chainguard
added 2025/05/06 7:14 p.m.34 views

CVE-2025-1194 vulnerabilities

Vulnerabilities for packages: tritonserver-backend-tensorrtllm-24.04...

6.5CVSS6.2AI score0.00384EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/01 12:0 p.m.9 views

CVE-2025-1194

A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in the file tokenizationgptneoxjapanese.py of the GPT-NeoX-Japanese model. The vulnerability occurs in the SubWordJapaneseTokenizer class, where regular expressions...

6.5CVSS6.7AI score0.00384EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2025/04/29 12:30 p.m.11 views

3m (=0.1.0), aaa-ml-datasets-course (=1.0.0) +1691 more potentially affected by CVE-2025-1194 via transformers (>=2.10.0 <=4.4.2)

transformers PYPI version =2.10.0, =0.1.0, =0.1.1, =0.1.0, =0.0.3, =0.0.1, =0.0.0.dev20230804, =0.1.0, =0.3.0, =0.1.0, =0.2.5, =0.0.1, =0.1.2 and more Source cves: CVE-2025-1194 Source advisory: OSV:GHSA-FPWR-67PX-3QHX...

6.5CVSS6AI score0.00384EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/04/29 12:30 p.m.4 views

3m (=0.1.0), aaa-ml-datasets-course (=1.0.0) +1595 more potentially affected by CVE-2025-1194 via transformers (>=4.0.0 <=4.4.2)

transformers PYPI version =4.0.0, =0.1.0, =0.1.1, =0.1.0, =0.0.3, =0.0.0.dev20230804, =0.1.0, =0.3.0, =0.1.0, =0.2.5, =0.0.1, =0.1.0, =0.1.1 and more Source cves: CVE-2025-1194 Source advisory: SNYK:PYTHON-TRANSFORMERS-9904725...

6.5CVSS6AI score0.00384EPSS
Exploits1
OSV
OSV
added 2025/04/29 11:30 a.m.8 views

CVE-2025-1194 Regular Expression Denial of Service (ReDoS) in huggingface/transformers

A Regular Expression Denial of Service ReDoS vulnerability was identified in the huggingface/transformers library, specifically in the file tokenizationgptneoxjapanese.py of the GPT-NeoX-Japanese model. The vulnerability occurs in the SubWordJapaneseTokenizer class, where regular expressions...

4.3CVSS6.2AI score0.00384EPSS
Exploits1References4
CVE
CVE
added 2025/04/29 11:30 a.m.220 views

CVE-2025-1194

CVE-2025-1194 – ReDoS in HuggingFace Transformers (GPT-NeoX-Japanese SubWordJapaneseTokenizer) The CVE describes a Regular Expression Denial of Service in the HuggingFace transformers package, specifically in tokenization_gpt_neox_japanese.py (GPT-NeoX-Japanese model). The vulnerability arises fr...

6.5CVSS4.5AI score0.00384EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder