Skip to content

transformers-4.36.0-py3-none-any.whl: 24 vulnerabilities (highest severity is: 8.8) #60

Open
Open
transformers-4.36.0-py3-none-any.whl: 24 vulnerabilities (highest severity is: 8.8)#60
Labels
Mend: dependency security vulnerabilitySecurity vulnerability detected by Mend
@mend-bolt-for-github

Description

@mend-bolt-for-github
mend-bolt-for-github
bot
opened on Mar 29, 2026
Vulnerable Library - transformers-4.36.0-py3-none-any.whl

State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow

Library home page: https://files.pythonhosted.org/packages/0f/12/d8e27a190ca67811f81deea3183b528d9169f10b74d827e0b9211520ecfa/transformers-4.36.0-py3-none-any.whl

Path to dependency file: /ai/requirements.txt

Path to vulnerable library: /tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/10/transformers-4.36.0-py3-none-any.whl

Found in HEAD commit: 0f1cc4f79fdab9e4d90aa9caf963ea2e271c0183

Vulnerabilities

Vulnerability Severity CVSS Dependency Type Fixed in (transformers version) Remediation Possible**
CVE-2024-11394 High 8.8 transformers-4.36.0-py3-none-any.whl Direct 4.48.0
CVE-2024-11393 High 8.8 transformers-4.36.0-py3-none-any.whl Direct 4.48.0
CVE-2025-14930 High 7.8 transformers-4.36.0-py3-none-any.whl Direct N/A
CVE-2025-14929 High 7.8 transformers-4.36.0-py3-none-any.whl Direct N/A
CVE-2025-14928 High 7.8 transformers-4.36.0-py3-none-any.whl Direct N/A
CVE-2025-14927 High 7.8 transformers-4.36.0-py3-none-any.whl Direct N/A
CVE-2025-14926 High 7.8 transformers-4.36.0-py3-none-any.whl Direct N/A
CVE-2025-14924 High 7.8 transformers-4.36.0-py3-none-any.whl Direct N/A
CVE-2025-14921 High 7.8 transformers-4.36.0-py3-none-any.whl Direct N/A
CVE-2025-14920 High 7.8 transformers-4.36.0-py3-none-any.whl Direct N/A
CVE-2025-3262 High 7.5 transformers-4.36.0-py3-none-any.whl Direct 4.51.0
CVE-2025-2099 High 7.5 transformers-4.36.0-py3-none-any.whl Direct 4.50.0
CVE-2024-11392 High 7.5 transformers-4.36.0-py3-none-any.whl Direct 4.48.0
CVE-2025-6921 Medium 5.3 transformers-4.36.0-py3-none-any.whl Direct 4.53.0
CVE-2025-6638 Medium 5.3 transformers-4.36.0-py3-none-any.whl Direct 4.53.0
CVE-2025-6051 Medium 5.3 transformers-4.36.0-py3-none-any.whl Direct 4.53.0
CVE-2025-5197 Medium 5.3 transformers-4.36.0-py3-none-any.whl Direct 4.53.0
CVE-2025-3933 Medium 5.3 transformers-4.36.0-py3-none-any.whl Direct 4.52.1
CVE-2025-3264 Medium 5.3 transformers-4.36.0-py3-none-any.whl Direct 4.51.0
CVE-2025-3263 Medium 5.3 transformers-4.36.0-py3-none-any.whl Direct 4.51.0
CVE-2024-12720 Medium 5.3 transformers-4.36.0-py3-none-any.whl Direct 4.48.0
CVE-2025-1194 Medium 4.3 transformers-4.36.0-py3-none-any.whl Direct transformers - 4.50.0,https://github.com/huggingface/transformers.git - v4.50.0
CVE-2025-3777 Low 3.5 transformers-4.36.0-py3-none-any.whl Direct 4.52.1
CVE-2024-3568 Low 3.4 transformers-4.36.0-py3-none-any.whl Direct 4.38.0

**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation

Details

Partial details (21 vulnerabilities) are displayed below due to a content size limitation in GitHub. To view information on the remaining vulnerabilities, navigate to the Mend Application.

CVE-2024-11394

Vulnerable Library - transformers-4.36.0-py3-none-any.whl

State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow

Library home page: https://files.pythonhosted.org/packages/0f/12/d8e27a190ca67811f81deea3183b528d9169f10b74d827e0b9211520ecfa/transformers-4.36.0-py3-none-any.whl

Path to dependency file: /ai/requirements.txt

Path to vulnerable library: /tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/10/transformers-4.36.0-py3-none-any.whl

Dependency Hierarchy:

  • transformers-4.36.0-py3-none-any.whl (Vulnerable Library)

Found in HEAD commit: 0f1cc4f79fdab9e4d90aa9caf963ea2e271c0183

Found in base branch: main

Vulnerability Details

Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25012.
Mend Note: The description of this vulnerability differs from MITRE.

Publish Date: 2024-11-22

URL: CVE-2024-11394

CVSS 3 Score Details (8.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Release Date: 2024-11-22

Fix Resolution: 4.48.0

Step up your Open Source Security Game with Mend here

CVE-2024-11393

Vulnerable Library - transformers-4.36.0-py3-none-any.whl

State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow

Library home page: https://files.pythonhosted.org/packages/0f/12/d8e27a190ca67811f81deea3183b528d9169f10b74d827e0b9211520ecfa/transformers-4.36.0-py3-none-any.whl

Path to dependency file: /ai/requirements.txt

Path to vulnerable library: /tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/10/transformers-4.36.0-py3-none-any.whl

Dependency Hierarchy:

  • transformers-4.36.0-py3-none-any.whl (Vulnerable Library)

Found in HEAD commit: 0f1cc4f79fdab9e4d90aa9caf963ea2e271c0183

Found in base branch: main

Vulnerability Details

Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25191.
Mend Note: The description of this vulnerability differs from MITRE.

Publish Date: 2024-11-22

URL: CVE-2024-11393

CVSS 3 Score Details (8.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Release Date: 2024-11-22

Fix Resolution: 4.48.0

Step up your Open Source Security Game with Mend here

CVE-2025-14930

Vulnerable Library - transformers-4.36.0-py3-none-any.whl

State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow

Library home page: https://files.pythonhosted.org/packages/0f/12/d8e27a190ca67811f81deea3183b528d9169f10b74d827e0b9211520ecfa/transformers-4.36.0-py3-none-any.whl

Path to dependency file: /ai/requirements.txt

Path to vulnerable library: /tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/10/transformers-4.36.0-py3-none-any.whl

Dependency Hierarchy:

  • transformers-4.36.0-py3-none-any.whl (Vulnerable Library)

Found in HEAD commit: 0f1cc4f79fdab9e4d90aa9caf963ea2e271c0183

Found in base branch: main

Vulnerability Details

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of weights. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current process.

Publish Date: 2025-12-23

URL: CVE-2025-14930

CVSS 3 Score Details (7.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Local
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Step up your Open Source Security Game with Mend here

CVE-2025-14929

Vulnerable Library - transformers-4.36.0-py3-none-any.whl

State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow

Library home page: https://files.pythonhosted.org/packages/0f/12/d8e27a190ca67811f81deea3183b528d9169f10b74d827e0b9211520ecfa/transformers-4.36.0-py3-none-any.whl

Path to dependency file: /ai/requirements.txt

Path to vulnerable library: /tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/10/transformers-4.36.0-py3-none-any.whl

Dependency Hierarchy:

  • transformers-4.36.0-py3-none-any.whl (Vulnerable Library)

Found in HEAD commit: 0f1cc4f79fdab9e4d90aa9caf963ea2e271c0183

Found in base branch: main

Vulnerability Details

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of checkpoints. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current process.

Publish Date: 2025-12-23

URL: CVE-2025-14929

CVSS 3 Score Details (7.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Local
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Step up your Open Source Security Game with Mend here

CVE-2025-14928

Vulnerable Library - transformers-4.36.0-py3-none-any.whl

State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow

Library home page: https://files.pythonhosted.org/packages/0f/12/d8e27a190ca67811f81deea3183b528d9169f10b74d827e0b9211520ecfa/transformers-4.36.0-py3-none-any.whl

Path to dependency file: /ai/requirements.txt

Path to vulnerable library: /tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/10/transformers-4.36.0-py3-none-any.whl

Dependency Hierarchy:

  • transformers-4.36.0-py3-none-any.whl (Vulnerable Library)

Found in HEAD commit: 0f1cc4f79fdab9e4d90aa9caf963ea2e271c0183

Found in base branch: main

Vulnerability Details

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must convert a malicious checkpoint.

The specific flaw exists within the convert_config function. The issue results from the lack of proper validation of a user-supplied string before using it to execute Python code. An attacker can leverage this vulnerability to execute code in the context of the current user.

Publish Date: 2025-12-23

URL: CVE-2025-14928

CVSS 3 Score Details (7.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Local
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Step up your Open Source Security Game with Mend here

CVE-2025-14927

Vulnerable Library - transformers-4.36.0-py3-none-any.whl

State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow

Library home page: https://files.pythonhosted.org/packages/0f/12/d8e27a190ca67811f81deea3183b528d9169f10b74d827e0b9211520ecfa/transformers-4.36.0-py3-none-any.whl

Path to dependency file: /ai/requirements.txt

Path to vulnerable library: /tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/10/transformers-4.36.0-py3-none-any.whl

Dependency Hierarchy:

  • transformers-4.36.0-py3-none-any.whl (Vulnerable Library)

Found in HEAD commit: 0f1cc4f79fdab9e4d90aa9caf963ea2e271c0183

Found in base branch: main

Vulnerability Details

Hugging Face Transformers SEW-D convert_config Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must convert a malicious checkpoint.
The specific flaw exists within the convert_config function. The issue results from the lack of proper validation of a user-supplied string before using it to execute Python code. An attacker can leverage this vulnerability to execute code in the context of the current user.
. Was ZDI-CAN-28252.

Publish Date: 2025-12-23

URL: CVE-2025-14927

CVSS 3 Score Details (7.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Local
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Step up your Open Source Security Game with Mend here

CVE-2025-14926

Vulnerable Library - transformers-4.36.0-py3-none-any.whl

State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow

Library home page: https://files.pythonhosted.org/packages/0f/12/d8e27a190ca67811f81deea3183b528d9169f10b74d827e0b9211520ecfa/transformers-4.36.0-py3-none-any.whl

Path to dependency file: /ai/requirements.txt

Path to vulnerable library: /tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/10/transformers-4.36.0-py3-none-any.whl

Dependency Hierarchy:

  • transformers-4.36.0-py3-none-any.whl (Vulnerable Library)

Found in HEAD commit: 0f1cc4f79fdab9e4d90aa9caf963ea2e271c0183

Found in base branch: main

Vulnerability Details

Hugging Face Transformers SEW convert_config Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must convert a malicious checkpoint.
The specific flaw exists within the convert_config function. The issue results from the lack of proper validation of a user-supplied string before using it to execute Python code. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-28251.

Publish Date: 2025-12-23

URL: CVE-2025-14926

CVSS 3 Score Details (7.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Local
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Step up your Open Source Security Game with Mend here

CVE-2025-14924

Vulnerable Library - transformers-4.36.0-py3-none-any.whl

State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow

Library home page: https://files.pythonhosted.org/packages/0f/12/d8e27a190ca67811f81deea3183b528d9169f10b74d827e0b9211520ecfa/transformers-4.36.0-py3-none-any.whl

Path to dependency file: /ai/requirements.txt

Path to vulnerable library: /tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/10/transformers-4.36.0-py3-none-any.whl

Dependency Hierarchy:

  • transformers-4.36.0-py3-none-any.whl (Vulnerable Library)

Found in HEAD commit: 0f1cc4f79fdab9e4d90aa9caf963ea2e271c0183

Found in base branch: main

Vulnerability Details

Hugging Face Transformers megatron_gpt2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of checkpoints. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27984.
Mend Note: The description of this vulnerability differs from MITRE.

Publish Date: 2025-12-23

URL: CVE-2025-14924

CVSS 3 Score Details (7.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Local
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Step up your Open Source Security Game with Mend here

CVE-2025-14921

Vulnerable Library - transformers-4.36.0-py3-none-any.whl

State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow

Library home page: https://files.pythonhosted.org/packages/0f/12/d8e27a190ca67811f81deea3183b528d9169f10b74d827e0b9211520ecfa/transformers-4.36.0-py3-none-any.whl

Path to dependency file: /ai/requirements.txt

Path to vulnerable library: /tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/10/transformers-4.36.0-py3-none-any.whl

Dependency Hierarchy:

  • transformers-4.36.0-py3-none-any.whl (Vulnerable Library)

Found in HEAD commit: 0f1cc4f79fdab9e4d90aa9caf963ea2e271c0183

Found in base branch: main

Vulnerability Details

Hugging Face Transformers Transformer-XL Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25424.

Publish Date: 2025-12-23

URL: CVE-2025-14921

CVSS 3 Score Details (7.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Local
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Step up your Open Source Security Game with Mend here

CVE-2025-14920

Vulnerable Library - transformers-4.36.0-py3-none-any.whl

State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow

Library home page: https://files.pythonhosted.org/packages/0f/12/d8e27a190ca67811f81deea3183b528d9169f10b74d827e0b9211520ecfa/transformers-4.36.0-py3-none-any.whl

Path to dependency file: /ai/requirements.txt

Path to vulnerable library: /tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/10/transformers-4.36.0-py3-none-any.whl

Dependency Hierarchy:

  • transformers-4.36.0-py3-none-any.whl (Vulnerable Library)

Found in HEAD commit: 0f1cc4f79fdab9e4d90aa9caf963ea2e271c0183

Found in base branch: main

Vulnerability Details

Hugging Face Transformers Perceiver Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25423.

Publish Date: 2025-12-23

URL: CVE-2025-14920

CVSS 3 Score Details (7.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Local
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Step up your Open Source Security Game with Mend here

CVE-2025-3262

Vulnerable Library - transformers-4.36.0-py3-none-any.whl

State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow

Library home page: https://files.pythonhosted.org/packages/0f/12/d8e27a190ca67811f81deea3183b528d9169f10b74d827e0b9211520ecfa/transformers-4.36.0-py3-none-any.whl

Path to dependency file: /ai/requirements.txt

Path to vulnerable library: /tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/10/transformers-4.36.0-py3-none-any.whl

Dependency Hierarchy:

  • transformers-4.36.0-py3-none-any.whl (Vulnerable Library)

Found in HEAD commit: 0f1cc4f79fdab9e4d90aa9caf963ea2e271c0183

Found in base branch: main

Vulnerability Details

A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the huggingface/transformers repository, specifically in version 4.49.0. The vulnerability is due to inefficient regular expression complexity in the "SETTING_RE" variable within the "transformers/commands/chat.py" file. The regex contains repetition groups and non-optimized quantifiers, leading to exponential backtracking when processing 'almost matching' payloads. This can degrade application performance and potentially result in a denial-of-service (DoS) when handling specially crafted input strings. The issue is fixed in version 4.51.0.
Mend Note: The description of this vulnerability differs from MITRE.

Publish Date: 2025-07-07

URL: CVE-2025-3262

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Release Date: 2025-07-07

Fix Resolution: 4.51.0

Step up your Open Source Security Game with Mend here

CVE-2025-2099

Vulnerable Library - transformers-4.36.0-py3-none-any.whl

State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow

Library home page: https://files.pythonhosted.org/packages/0f/12/d8e27a190ca67811f81deea3183b528d9169f10b74d827e0b9211520ecfa/transformers-4.36.0-py3-none-any.whl

Path to dependency file: /ai/requirements.txt

Path to vulnerable library: /tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/10/transformers-4.36.0-py3-none-any.whl

Dependency Hierarchy:

  • transformers-4.36.0-py3-none-any.whl (Vulnerable Library)

Found in HEAD commit: 0f1cc4f79fdab9e4d90aa9caf963ea2e271c0183

Found in base branch: main

Vulnerability Details

A vulnerability in the "preprocess_string()" function of the "transformers.testing_utils" module in huggingface/transformers version v4.48.3 allows for a Regular Expression Denial of Service (ReDoS) attack. The regular expression used to process code blocks in docstrings contains nested quantifiers, leading to exponential backtracking when processing input with a large number of newline characters. An attacker can exploit this by providing a specially crafted payload, causing high CPU usage and potential application downtime, effectively resulting in a Denial of Service (DoS) scenario.

Publish Date: 2025-05-19

URL: CVE-2025-2099

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-qq3j-4f4f-9583

Release Date: 2025-05-19

Fix Resolution: 4.50.0

Step up your Open Source Security Game with Mend here

CVE-2024-11392

Vulnerable Library - transformers-4.36.0-py3-none-any.whl

State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow

Library home page: https://files.pythonhosted.org/packages/0f/12/d8e27a190ca67811f81deea3183b528d9169f10b74d827e0b9211520ecfa/transformers-4.36.0-py3-none-any.whl

Path to dependency file: /ai/requirements.txt

Path to vulnerable library: /tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/10/transformers-4.36.0-py3-none-any.whl

Dependency Hierarchy:

  • transformers-4.36.0-py3-none-any.whl (Vulnerable Library)

Found in HEAD commit: 0f1cc4f79fdab9e4d90aa9caf963ea2e271c0183

Found in base branch: main

Vulnerability Details

Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of configuration files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-24322.
Mend Note: The description of this vulnerability differs from MITRE.

Publish Date: 2024-11-22

URL: CVE-2024-11392

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: High
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2024-11392

Release Date: 2024-11-22

Fix Resolution: 4.48.0

Step up your Open Source Security Game with Mend here

CVE-2025-6921

Vulnerable Library - transformers-4.36.0-py3-none-any.whl

State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow

Library home page: https://files.pythonhosted.org/packages/0f/12/d8e27a190ca67811f81deea3183b528d9169f10b74d827e0b9211520ecfa/transformers-4.36.0-py3-none-any.whl

Path to dependency file: /ai/requirements.txt

Path to vulnerable library: /tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/10/transformers-4.36.0-py3-none-any.whl

Dependency Hierarchy:

  • transformers-4.36.0-py3-none-any.whl (Vulnerable Library)

Found in HEAD commit: 0f1cc4f79fdab9e4d90aa9caf963ea2e271c0183

Found in base branch: main

Vulnerability Details

The huggingface/transformers library, versions prior to 4.53.0, is vulnerable to Regular Expression Denial of Service (ReDoS) in the AdamWeightDecay optimizer. The vulnerability arises from the _do_use_weight_decay method, which processes user-controlled regular expressions in the include_in_weight_decay and exclude_from_weight_decay lists. Malicious regular expressions can cause catastrophic backtracking during the re.search call, leading to 100% CPU utilization and a denial of service. This issue can be exploited by attackers who can control the patterns in these lists, potentially causing the machine learning task to hang and rendering services unresponsive.

Publish Date: 2025-09-23

URL: CVE-2025-6921

CVSS 3 Score Details (5.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: Low

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-4w7r-h757-3r74

Release Date: 2025-09-23

Fix Resolution: 4.53.0

Step up your Open Source Security Game with Mend here

CVE-2025-6638

Vulnerable Library - transformers-4.36.0-py3-none-any.whl

State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow

Library home page: https://files.pythonhosted.org/packages/0f/12/d8e27a190ca67811f81deea3183b528d9169f10b74d827e0b9211520ecfa/transformers-4.36.0-py3-none-any.whl

Path to dependency file: /ai/requirements.txt

Path to vulnerable library: /tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/10/transformers-4.36.0-py3-none-any.whl

Dependency Hierarchy:

  • transformers-4.36.0-py3-none-any.whl (Vulnerable Library)

Found in HEAD commit: 0f1cc4f79fdab9e4d90aa9caf963ea2e271c0183

Found in base branch: main

Vulnerability Details

A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically affecting the MarianTokenizer's "remove_language_code()" method. This vulnerability is present in version 4.52.4 and has been fixed in version 4.53.0. The issue arises from inefficient regex processing, which can be exploited by crafted input strings containing malformed language code patterns, leading to excessive CPU consumption and potential denial of service.

Publish Date: 2025-09-12

URL: CVE-2025-6638

CVSS 3 Score Details (5.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: Low

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://huntr.com/bounties/6a6c933f-9ce8-4ded-8b3b-2c1444c61f36

Release Date: 2025-09-12

Fix Resolution: 4.53.0

Step up your Open Source Security Game with Mend here

CVE-2025-6051

Vulnerable Library - transformers-4.36.0-py3-none-any.whl

State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow

Library home page: https://files.pythonhosted.org/packages/0f/12/d8e27a190ca67811f81deea3183b528d9169f10b74d827e0b9211520ecfa/transformers-4.36.0-py3-none-any.whl

Path to dependency file: /ai/requirements.txt

Path to vulnerable library: /tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/10/transformers-4.36.0-py3-none-any.whl

Dependency Hierarchy:

  • transformers-4.36.0-py3-none-any.whl (Vulnerable Library)

Found in HEAD commit: 0f1cc4f79fdab9e4d90aa9caf963ea2e271c0183

Found in base branch: main

Vulnerability Details

A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically within the "normalize_numbers()" method of the "EnglishNormalizer" class. This vulnerability affects versions up to 4.52.4 and is fixed in version 4.53.0. The issue arises from the method's handling of numeric strings, which can be exploited using crafted input strings containing long sequences of digits, leading to excessive CPU consumption. This vulnerability impacts text-to-speech and number normalization tasks, potentially causing service disruption, resource exhaustion, and API vulnerabilities.

Publish Date: 2025-09-14

URL: CVE-2025-6051

CVSS 3 Score Details (5.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: Low

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Release Date: 2025-09-14

Fix Resolution: 4.53.0

Step up your Open Source Security Game with Mend here

CVE-2025-5197

Vulnerable Library - transformers-4.36.0-py3-none-any.whl

State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow

Library home page: https://files.pythonhosted.org/packages/0f/12/d8e27a190ca67811f81deea3183b528d9169f10b74d827e0b9211520ecfa/transformers-4.36.0-py3-none-any.whl

Path to dependency file: /ai/requirements.txt

Path to vulnerable library: /tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/10/transformers-4.36.0-py3-none-any.whl

Dependency Hierarchy:

  • transformers-4.36.0-py3-none-any.whl (Vulnerable Library)

Found in HEAD commit: 0f1cc4f79fdab9e4d90aa9caf963ea2e271c0183

Found in base branch: main

Vulnerability Details

A Regular Expression Denial of Service (ReDoS) vulnerability exists in the Hugging Face Transformers library, specifically in the "convert_tf_weight_name_to_pt_weight_name()" function. This function, responsible for converting TensorFlow weight names to PyTorch format, uses a regex pattern "/[^/]___([^/])/" that can be exploited to cause excessive CPU consumption through crafted input strings due to catastrophic backtracking. The vulnerability affects versions up to 4.51.3 and is fixed in version 4.53.0. This issue can lead to service disruption, resource exhaustion, and potential API service vulnerabilities, impacting model conversion processes between TensorFlow and PyTorch formats.

Publish Date: 2025-08-06

URL: CVE-2025-5197

CVSS 3 Score Details (5.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: Low

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-9356-575x-2w9m

Release Date: 2025-08-06

Fix Resolution: 4.53.0

Step up your Open Source Security Game with Mend here

CVE-2025-3933

Vulnerable Library - transformers-4.36.0-py3-none-any.whl

State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow

Library home page: https://files.pythonhosted.org/packages/0f/12/d8e27a190ca67811f81deea3183b528d9169f10b74d827e0b9211520ecfa/transformers-4.36.0-py3-none-any.whl

Path to dependency file: /ai/requirements.txt

Path to vulnerable library: /tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/10/transformers-4.36.0-py3-none-any.whl

Dependency Hierarchy:

  • transformers-4.36.0-py3-none-any.whl (Vulnerable Library)

Found in HEAD commit: 0f1cc4f79fdab9e4d90aa9caf963ea2e271c0183

Found in base branch: main

Vulnerability Details

A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically within the DonutProcessor class's "token2json()" method. This vulnerability affects versions 4.50.3 and earlier, and is fixed in version 4.52.1. The issue arises from the regex pattern "<s_(.*?)>" which can be exploited to cause excessive CPU consumption through crafted input strings due to catastrophic backtracking. This vulnerability can lead to service disruption, resource exhaustion, and potential API service vulnerabilities, impacting document processing tasks using the Donut model.
Mend Note: The description of this vulnerability differs from MITRE.

Publish Date: 2025-07-11

URL: CVE-2025-3933

CVSS 3 Score Details (5.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: Low

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Release Date: 2025-07-11

Fix Resolution: 4.52.1

Step up your Open Source Security Game with Mend here

CVE-2025-3264

Vulnerable Library - transformers-4.36.0-py3-none-any.whl

State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow

Library home page: https://files.pythonhosted.org/packages/0f/12/d8e27a190ca67811f81deea3183b528d9169f10b74d827e0b9211520ecfa/transformers-4.36.0-py3-none-any.whl

Path to dependency file: /ai/requirements.txt

Path to vulnerable library: /tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/10/transformers-4.36.0-py3-none-any.whl

Dependency Hierarchy:

  • transformers-4.36.0-py3-none-any.whl (Vulnerable Library)

Found in HEAD commit: 0f1cc4f79fdab9e4d90aa9caf963ea2e271c0183

Found in base branch: main

Vulnerability Details

A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically in the "get_imports()" function within "dynamic_module_utils.py". This vulnerability affects versions 4.49.0 and is fixed in version 4.51.0. The issue arises from a regular expression pattern "\stry\s:.?except.?:" used to filter out try/except blocks from Python code, which can be exploited to cause excessive CPU consumption through crafted input strings due to catastrophic backtracking. This vulnerability can lead to remote code loading disruption, resource exhaustion in model serving, supply chain attack vectors, and development pipeline disruption.
Mend Note: The description of this vulnerability differs from MITRE.

Publish Date: 2025-07-07

URL: CVE-2025-3264

CVSS 3 Score Details (5.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: Low

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Release Date: 2025-07-07

Fix Resolution: 4.51.0

Step up your Open Source Security Game with Mend here

CVE-2025-3263

Vulnerable Library - transformers-4.36.0-py3-none-any.whl

State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow

Library home page: https://files.pythonhosted.org/packages/0f/12/d8e27a190ca67811f81deea3183b528d9169f10b74d827e0b9211520ecfa/transformers-4.36.0-py3-none-any.whl

Path to dependency file: /ai/requirements.txt

Path to vulnerable library: /tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/10/transformers-4.36.0-py3-none-any.whl

Dependency Hierarchy:

  • transformers-4.36.0-py3-none-any.whl (Vulnerable Library)

Found in HEAD commit: 0f1cc4f79fdab9e4d90aa9caf963ea2e271c0183

Found in base branch: main

Vulnerability Details

A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically in the "get_configuration_file()" function within the "transformers.configuration_utils" module. The affected version is 4.49.0, and the issue is resolved in version 4.51.0. The vulnerability arises from the use of a regular expression pattern "config.(.*).json" that can be exploited to cause excessive CPU consumption through crafted input strings, leading to catastrophic backtracking. This can result in model serving disruption, resource exhaustion, and increased latency in applications using the library.
Mend Note: The description of this vulnerability differs from MITRE.

Publish Date: 2025-07-07

URL: CVE-2025-3263

CVSS 3 Score Details (5.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: Low

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Release Date: 2025-07-07

Fix Resolution: 4.51.0

Step up your Open Source Security Game with Mend here

CVE-2024-12720

Vulnerable Library - transformers-4.36.0-py3-none-any.whl

State-of-the-art Machine Learning for JAX, PyTorch and TensorFlow

Library home page: https://files.pythonhosted.org/packages/0f/12/d8e27a190ca67811f81deea3183b528d9169f10b74d827e0b9211520ecfa/transformers-4.36.0-py3-none-any.whl

Path to dependency file: /ai/requirements.txt

Path to vulnerable library: /tmp/ws-ua_20260331025725_MIUFBE/python_UVEQHS/20260331025831/10/transformers-4.36.0-py3-none-any.whl

Dependency Hierarchy:

  • transformers-4.36.0-py3-none-any.whl (Vulnerable Library)

Found in HEAD commit: 0f1cc4f79fdab9e4d90aa9caf963ea2e271c0183

Found in base branch: main

Vulnerability Details

A Regular Expression Denial of Service (ReDoS) vulnerability was identified in the huggingface/transformers library, specifically in the file tokenization_nougat_fast.py. The vulnerability occurs in the post_process_single() function, where a regular expression processes specially crafted input. The issue stems from the regex exhibiting exponential time complexity under certain conditions, leading to excessive backtracking. This can result in significantly high CPU usage and potential application downtime, effectively creating a Denial of Service (DoS) scenario. The affected version is v4.46.3 (latest).

Publish Date: 2025-03-20

URL: CVE-2024-12720

CVSS 3 Score Details (5.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: Low

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2024-12720

Release Date: 2025-03-20

Fix Resolution: 4.48.0

Step up your Open Source Security Game with Mend here

Metadata

Metadata

Assignees

No one assigned

    Labels

    Mend: dependency security vulnerabilitySecurity vulnerability detected by Mend

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions