Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-69w3-r845-3855
  • PyPI/transformers
HuggingFace Transformers allows for arbitrary code execution in the `Trainer` class 07 Apr
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-4w7r-h757-3r74
  • PyPI/transformers
Hugging Face Transformers vulnerable to Regular Expression Denial of Service (ReDoS) in the AdamWeightDecay optimizer 23 Sep 2025
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-rcv9-qm8p-9p6j
  • PyPI/transformers
Hugging Face Transformers library has Regular Expression Denial of Service 14 Sep 2025
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-59p9-h35m-wg4g
  • PyPI/transformers
Hugging Face Transformers is vulnerable to ReDoS through its MarianTokenizer 12 Sep 2025
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-9356-575x-2w9m
  • PyPI/transformers
Hugging Face Transformers Regular Expression Denial of Service (ReDoS) vulnerability 06 Aug 2025
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-37mw-44qp-f5jm
  • PyPI/transformers
Transformers is vulnerable to ReDoS attack through its DonutProcessor class 11 Jul 2025
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-489j-g2vx-39wf
  • PyPI/transformers
Transformers vulnerable to ReDoS attack through its SETTING_RE variable 07 Jul 2025
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-jjph-296x-mrcr
  • PyPI/transformers
Transformers vulnerable to ReDoS attack through its get_imports() function 07 Jul 2025
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-phhr-52qp-3mj4
  • PyPI/transformers
Transformers's Improper Input Validation vulnerability can be exploited through username injection 07 Jul 2025
  • Fix available
  • Severity - 3.5 (Low)
GHSA-q2wp-rjmx-x6x9
  • PyPI/transformers
Transformers's ReDoS vulnerability in get_configuration_file can lead to catastrophic backtracking 07 Jul 2025
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-qq3j-4f4f-9583
  • PyPI/transformers
Hugging Face Transformers Regular Expression Denial of Service 19 May 2025
  • Fix available
  • Severity - 5.3 (Medium)
PYSEC-2025-40
  • PyPI/transformers
  • github.com/huggingface/transformers
See record for full details 19 May 2025
  • Fix available
  • Severity - 7.5 (High)
GHSA-fpwr-67px-3qhx
  • PyPI/transformers
Transformers Regular Expression Denial of Service (ReDoS) vulnerability 29 Apr 2025
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-6rvg-6v2m-4j46
  • PyPI/transformers
Transformers Regular Expression Denial of Service (ReDoS) vulnerability 20 Mar 2025
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-hxxf-235m-72v3
  • PyPI/transformers
Deserialization of Untrusted Data in Hugging Face Transformers 23 Nov 2024
  • Fix available
  • Severity - 8.8 (High)
GHSA-qxrp-vhvm-j765
  • PyPI/transformers
Deserialization of Untrusted Data in Hugging Face Transformers 23 Nov 2024
  • Fix available
  • Severity - 7.5 (High)