Lucene search
+L

5 matches found

ibm
ibm
added 2025/12/04 7:2 a.m.7 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses transformers-4.51.3-py3-none-any.whl which is vulnerable to CVE-2025-5197.

Summary IBM Maximo Application Suite - Monitor Component uses transformers-4.51.3-py3-none-any.whl which is vulnerable to CVE-2025-5197. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-5197 DESCRIPTION: A Regular Expression Deni...

5.3CVSS6.4AI score0.00391EPSS
Exploits1Affected Software1
ibm
ibm
added 2025/10/31 6:48 p.m.8 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a Denial of Service in huggingface/transformers [CVE-2025-5197]

Summary IBM Watson Speech Services Cartridge is vulnerable to a Denial of Service in huggingface/transformers, due to an exploitable issue in the converttfweightnametoptweightname function CVE-2025-5197. Huggingface/transformers is used in our speech service runtimes. This vulnerabilitiy has been...

5.3CVSS6.6AI score0.00391EPSS
Exploits1Affected Software1
vulnersosv
vulnersosv
added 2025/08/06 12:31 p.m.6 views

3m (=0.1.0), aaa-ml-datasets-course (=1.0.0) +1855 more potentially affected by CVE-2025-5197 via transformers (>=2.10.0 <=4.52.4)

transformers PYPI version =2.10.0, =0.0.4.80, =0.1.0, =0.1.1, =0.1.0, =0.0.3, =0.0.1, =0.0.0.dev20230804, =0.1.0, =0.3.0, =0.1.0, =0.2.5, =0.2.11 and more Source cves: CVE-2025-5197 Source advisory: OSV:GHSA-9356-575X-2W9M...

5.3CVSS6AI score0.00391EPSS
Exploits1
nvd
nvd
added 2025/08/06 12:15 p.m.7 views

CVE-2025-5197

A Regular Expression Denial of Service ReDoS vulnerability exists in the Hugging Face Transformers library, specifically in the converttfweightnametoptweightname function. This function, responsible for converting TensorFlow weight names to PyTorch format, uses a regex pattern /^/^// that can be...

5.3CVSS0.00391EPSS
Exploits1References2
cve
cve
added 2025/08/06 11:53 a.m.104 views

CVE-2025-5197

The CVE-2025-5197 ReDoS vulnerability affects Hugging Face Transformers in the convert_tf_weight_name_to_pt_weight_name() function, where the regex /[^/]___([^/] )/ can cause excessive CPU usage via catastrophic backtracking. Affected versions: up to 4.51.3, with a fix in 4.53.0. Practical impact...

5.3CVSS5AI score0.00391EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder