Lucene search
K

5 matches found

SUSE CVE
SUSE CVE
added 2025/09/24 11:28 p.m.7 views

SUSE CVE-2025-6921

The huggingface/transformers library, versions prior to 4.53.0, is vulnerable to Regular Expression Denial of Service ReDoS in the AdamWeightDecay optimizer. The vulnerability arises from the douseweightdecay method, which processes user-controlled regular expressions in the includeinweightdecay...

7.5CVSS6.8AI score0.00467EPSS
Exploits1References3
Snyk
Snyk
added 2025/09/23 3:31 p.m.3 views

Regular Expression Denial of Service (ReDoS)

Overview transformers is a State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the douseweightdecay function. An attacker can cause excessive CPU consumption and make services...

7.5CVSS5.4AI score0.00467EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2025/09/23 3:31 p.m.6 views

Hugging Face Transformers vulnerable to Regular Expression Denial of Service (ReDoS) in the AdamWeightDecay optimizer

The huggingface/transformers library, versions prior to 4.53.0, is vulnerable to Regular Expression Denial of Service ReDoS in the AdamWeightDecay optimizer. The vulnerability arises from the douseweightdecay method, which processes user-controlled regular expressions in the includeinweightdecay...

7.5CVSS6.8AI score0.00467EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2025/09/23 1:56 p.m.6 views

CVE-2025-6921 Regular Expression Denial of Service (ReDoS) in huggingface/transformers

The huggingface/transformers library, versions prior to 4.53.0, is vulnerable to Regular Expression Denial of Service ReDoS in the AdamWeightDecay optimizer. The vulnerability arises from the douseweightdecay method, which processes user-controlled regular expressions in the includeinweightdecay...

5.3CVSS6.1AI score0.00467EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/06/18 12:0 a.m.9 views

PT-2025-39174

Name of the Vulnerable Software and Affected Versions huggingface/transformers versions prior to 4.53.0 Description The software is susceptible to a Regular Expression Denial of Service ReDoS within the AdamWeightDecay optimizer. The issue stems from the do use weight decay method, which handles...

7.5CVSS6.1AI score0.00467EPSS
Exploits1References15
Rows per page
Query Builder