CNNVD-202508-407 Information
CNNVD ID
CNNVD-202508-407
Related CVE
- CNNVD Published: 2025-08-06
Description (Chinese)
Hugging Face Transformers是Hugging Face开源的为 Jax、PyTorch 和 TensorFlow 打造的先进的自然语言处理。 Hugging Face Transformers 4.51.3及之前版本存在安全漏洞,该漏洞源于正则表达式拒绝服务攻击。
Description (English)
The Hugging Face Transformers is an advanced, natural language-processing process for Jax, PyTorch and TensorFlow, an open-source Hugging Face. There is a security loophole in Hugging Face Transports 4.51.3 and previous versions, which stems from regular expressions of denial of service attacks.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Hugging Face
Published
2025-08-06
Last Modified
2026-02-24
References
https://github.com/huggingface/transformers/commit/944b56000be5e9b61af8301aa340838770ad8a0b https://huntr.com/bounties/3f8b3fd0-166b-46e7-b60f-60dd9d2678bf https://access.redhat.com/security/cve/cve-2025-5197
Patch
https://github.com/huggingface/transformers/releases
Share on: