67 matches found
Malicious code in @posthog/url-normalizer-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3af45430785d7a562e6a3ccfe29b377e17c6c71d4bbcefa7a8e4fc67e95977c8 The package @posthog/url-normalizer-plugin was found to contain malicious code. Source: google-open-source-security...
EUVD-2025-198928
Malicious code in @posthog/url-normalizer-plugin npm...
MAL-2025-190897 Malicious code in @posthog/url-normalizer-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3af45430785d7a562e6a3ccfe29b377e17c6c71d4bbcefa7a8e4fc67e95977c8 The package @posthog/url-normalizer-plugin was found to contain malicious code. Source: google-open-source-security...
Regular Expression Denial Of Service (ReDoS)
Transformers is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to inefficient handling of numeric strings in the normalizenumbers method of the EnglishNormalizer class, which allows an attacker to exploit crafted input with long digit sequences to cause excessi...
RUSTSEC-2025-0082 `unic-normal` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icunormalizer - unicode-normalization...
RUSTSEC-2025-0078 `unic-ucd-normal` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icunormalizer...
`unic-ucd-hangul` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icunormalizer - unicode-normalization...
`unic-normal` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icunormalizer - unicode-normalization...
EUVD-2021-21443
Malware in sbrugna...
EUVD-2024-52975
Malicious code in bioql PyPI...
EUVD-2025-29125
Malicious code in bioql PyPI...
GHSA-RCV9-QM8P-9P6J Hugging Face Transformers library has Regular Expression Denial of Service
A Regular Expression Denial of Service ReDoS vulnerability was discovered in the Hugging Face Transformers library, specifically within the normalizenumbers method of the EnglishNormalizer class. This vulnerability affects versions up to 4.52.4 and is fixed in version 4.53.0. The issue arises fro...
Hugging Face Transformers library has Regular Expression Denial of Service
A Regular Expression Denial of Service ReDoS vulnerability was discovered in the Hugging Face Transformers library, specifically within the normalizenumbers method of the EnglishNormalizer class. This vulnerability affects versions up to 4.52.4 and is fixed in version 4.53.0. The issue arises fro...
Regular Expression Denial of Service (ReDoS)
Overview transformers is a State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the normalizenumbers function of the EnglishNormalizer class. An attacker can cause excessive CPU...
CVE-2025-6051
A Regular Expression Denial of Service ReDoS vulnerability was discovered in the Hugging Face Transformers library, specifically within the normalizenumbers method of the EnglishNormalizer class. This vulnerability affects versions up to 4.52.4 and is fixed in version 4.53.0. The issue arises fro...
CVE-2025-6051
A Regular Expression Denial of Service ReDoS vulnerability was discovered in the Hugging Face Transformers library, specifically within the normalizenumbers method of the EnglishNormalizer class. This vulnerability affects versions up to 4.52.4 and is fixed in version 4.53.0. The issue arises fro...
CVE-2025-6051 Regular Expression Denial of Service (ReDoS) in huggingface/transformers
A Regular Expression Denial of Service ReDoS vulnerability was discovered in the Hugging Face Transformers library, specifically within the normalizenumbers method of the EnglishNormalizer class. This vulnerability affects versions up to 4.52.4 and is fixed in version 4.53.0. The issue arises fro...
CVE-2025-6051 Regular Expression Denial of Service (ReDoS) in huggingface/transformers
A Regular Expression Denial of Service ReDoS vulnerability was discovered in the Hugging Face Transformers library, specifically within the normalizenumbers method of the EnglishNormalizer class. This vulnerability affects versions up to 4.52.4 and is fixed in version 4.53.0. The issue arises fro...
CVE-2025-6051
CVE-2025-6051 is a ReDoS in Hugging Face Transformers’ EnglishNormalizer.normalize_numbers(), affecting versions up to 4.52.4 and fixed in 4.53.0. The issue arises from numeric string handling, enabling crafted inputs with long digit sequences to cause excessive CPU usage, impacting text-to-speec...
PT-2025-37422
Name of the Vulnerable Software and Affected Versions: Hugging Face Transformers versions up to 4.52.4 Description: A Regular Expression Denial of Service ReDoS vulnerability exists in the normalize numbers method of the EnglishNormalizer class. This issue arises from the method's handling of...