
4 matches found

Snyk
added 2025/05/19 12:30 p.m. · 2 views

Regular Expression Denial of Service (ReDoS)

Overview: transformers is a State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the preprocess_string function in the transformers.testing_utils module. An attacker can cause high CPU usa...

CVSS 7.5 · AI score 6.8 · EPSS 0.00507
Exploits: 1 · References: 2

PyPA
added 2025/05/19 12:15 p.m. · 8 views

PYSEC-2025-40

A vulnerability in the preprocess_string function of the transformers.testing_utils module in huggingface/transformers version v4.48.3 allows for a Regular Expression Denial of Service (ReDoS) attack. The regular expression used to process code blocks in docstrings contains nested quantifiers, leadin...

CVSS 7.5 · AI score 7.1 · EPSS 0.00507
Exploits: 1 · References: 4 · Affected Software: 1

Positive Technologies
added 2025/05/19 12:0 a.m. · 4 views

PT-2025-21933 · Hugging Face · Transformers

Name of the Vulnerable Software and Affected Versions: huggingface/transformers version v4.48.3. Description: A vulnerability in the preprocess_string function of the transformers.testing_utils module allows for a Regular Expression Denial of Service (ReDoS) attack. The regular expression used to...

CVSS 7.5 · AI score 5 · EPSS 0.00507
Exploits: 1 · References: 13

CNNVD
added 2025/05/19 12:0 a.m. · 2 views

transformers security vulnerability

transformers is a Hugging Face open source application for machine learning. A security vulnerability exists in transformers version v4.48.3, which stems from improper handling of regular expressions in the preprocess_string function and could lead to a regular expression denial of service attack...

CVSS 7.5 · AI score 5.4 · EPSS 0.00507
Exploits: 1 · References: 3