5 matches found
CVE-2025-3262
A Regular Expression Denial of Service ReDoS vulnerability was discovered in the huggingface/transformers repository, specifically in version 4.49.0. The vulnerability is due to inefficient regular expression complexity in the SETTINGRE variable within the transformers/commands/chat.py file. The...
CVE-2025-3262 Regular Expression Denial of Service (ReDoS) in huggingface/transformers
A Regular Expression Denial of Service ReDoS vulnerability was discovered in the huggingface/transformers repository, specifically in version 4.49.0. The vulnerability is due to inefficient regular expression complexity in the SETTINGRE variable within the transformers/commands/chat.py file. The...
CVE-2025-3262
CVE-2025-3262 — Hugging Face Transformers ReDoS : In version 4.49.0 of the transformers repository, the regex in SETTING_RE within transformers/commands/chat.py enables exponential backtracking under crafted inputs, causing denial-of-service (DoS) risk. The issue is fixed in version 4.51.0. Remed...
CVE-2019-25159
A vulnerability was found in mpedraza2020 Intranet del Monterroso up to 4.50.0. It has been classified as critical. This affects an unknown part of the file config/cargos.php. The manipulation of the argument dniprofe leads to sql injection. Upgrading to version 4.51.0 is able to address this...
CVE-2019-25159 mpedraza2020 Intranet del Monterroso cargos.php sql injection
A vulnerability was found in mpedraza2020 Intranet del Monterroso up to 4.50.0. It has been classified as critical. This affects an unknown part of the file config/cargos.php. The manipulation of the argument dniprofe leads to sql injection. Upgrading to version 4.51.0 is able to address this...