6 matches found
EUVD-2025-21126
Malicious code in bioql PyPI...
Transformers is vulnerable to ReDoS attack through its DonutProcessor class
A Regular Expression Denial of Service ReDoS vulnerability was discovered in the Hugging Face Transformers library, specifically within the DonutProcessor class's token2json method. This vulnerability affects versions 4.51.3 and earlier, and is fixed in version 4.52.1. The issue arises from the...
CVE-2025-3933
A Regular Expression Denial of Service ReDoS vulnerability was discovered in the Hugging Face Transformers library, specifically within the DonutProcessor class's token2json method. This vulnerability affects versions 4.50.3 and earlier, and is fixed in version 4.52.1. The issue arises from the...
CVE-2025-3933
A Regular Expression Denial of Service ReDoS vulnerability was discovered in the Hugging Face Transformers library, specifically within the DonutProcessor class's token2json method. This vulnerability affects versions 4.50.3 and earlier, and is fixed in version 4.52.1. The issue arises from the...
CVE-2025-3933 Regular Expression Denial of Service (ReDoS) in huggingface/transformers
A Regular Expression Denial of Service ReDoS vulnerability was discovered in the Hugging Face Transformers library, specifically within the DonutProcessor class's token2json method. This vulnerability affects versions 4.50.3 and earlier, and is fixed in version 4.52.1. The issue arises from the...
Regular expression Denial of Service - ReDoS in huggingface/transformers
Description A regular expression denial of service ReDoS vulnerability has been identified in the Hugging Face Transformers library's Donut processor. The vulnerability exists in the token2json method of the DonutProcessor class, which processes document tokens into JSON format. The regex pattern...