4 matches found
Regular Expression Denial of Service (ReDoS)
Overview transformers is a State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the preprocessstring function in the transformers.testingutils module. An attacker can cause high CPU usa...
PYSEC-2025-40
A vulnerability in the preprocessstring function of the transformers.testingutils module in huggingface/transformers version v4.48.3 allows for a Regular Expression Denial of Service ReDoS attack. The regular expression used to process code blocks in docstrings contains nested quantifiers, leadin...
PT-2025-21933 · Hugging Face · Transformers
Name of the Vulnerable Software and Affected Versions: huggingface/transformers version v4.48.3 Description: A vulnerability in the preprocess string function of the transformers.testing utils module allows for a Regular Expression Denial of Service ReDoS attack. The regular expression used to...
transformers 安全漏洞
transformers is a Hugging Face open source application for machine learning. A security vulnerability exists in transformers version v4.48.3, which stems from improper handling of regular expressions in the preprocessstring function and could lead to a regular expression denial of service attack...