VulnerableCode Package Details - pkg:pypi/transformers@4.27.3

Search for packages

Vulnerability	Summary	Fixed by
VCID-6jzg-ptkc-zfge Aliases: CVE-2024-11394 PYSEC-2024-229	Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25012.	4.48.0 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-6wnz-1qbk-x3av Aliases: CVE-2023-7018 GHSA-v68g-wm8c-6x7j PYSEC-2023-301	Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36.	4.36.0 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-7chd-q1tt-7fck Aliases: CVE-2025-2099 PYSEC-2025-40	A vulnerability in the `preprocess_string()` function of the `transformers.testing_utils` module in huggingface/transformers version v4.48.3 allows for a Regular Expression Denial of Service (ReDoS) attack. The regular expression used to process code blocks in docstrings contains nested quantifiers, leading to exponential backtracking when processing input with a large number of newline characters. An attacker can exploit this by providing a specially crafted payload, causing high CPU usage and potential application downtime, effectively resulting in a Denial of Service (DoS) scenario.	4.49.0 Affected by 0 other vulnerabilities.
VCID-aud4-pr4h-r3er Aliases: CVE-2024-11392 PYSEC-2024-227	Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of configuration files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-24322.	4.48.0 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-mj4x-79x9-83ax Aliases: CVE-2024-11393 PYSEC-2024-228	Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25191.	4.48.0 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-re51-pz3b-xbc5 Aliases: CVE-2023-6730 GHSA-3863-2447-669p PYSEC-2023-300	Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36.	4.36.0 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-smqc-ecxk-eqe6 Aliases: CVE-2023-2800 GHSA-282v-666c-3fvg PYSEC-2023-299	Insecure Temporary File in GitHub repository huggingface/transformers prior to 4.30.0.	4.30.0 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-6jzg-ptkc-zfge
Aliases:
CVE-2024-11394
PYSEC-2024-229

Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25012.

4.48.0
Affected by 1 other vulnerability.

VCID-6wnz-1qbk-x3av
Aliases:
CVE-2023-7018
GHSA-v68g-wm8c-6x7j
PYSEC-2023-301

Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36.

4.36.0
Affected by 4 other vulnerabilities.

VCID-7chd-q1tt-7fck
Aliases:
CVE-2025-2099
PYSEC-2025-40

A vulnerability in the `preprocess_string()` function of the `transformers.testing_utils` module in huggingface/transformers version v4.48.3 allows for a Regular Expression Denial of Service (ReDoS) attack. The regular expression used to process code blocks in docstrings contains nested quantifiers, leading to exponential backtracking when processing input with a large number of newline characters. An attacker can exploit this by providing a specially crafted payload, causing high CPU usage and potential application downtime, effectively resulting in a Denial of Service (DoS) scenario.

4.49.0
Affected by 0 other vulnerabilities.

VCID-aud4-pr4h-r3er
Aliases:
CVE-2024-11392
PYSEC-2024-227

Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of configuration files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-24322.

4.48.0
Affected by 1 other vulnerability.

VCID-mj4x-79x9-83ax
Aliases:
CVE-2024-11393
PYSEC-2024-228

Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25191.

4.48.0
Affected by 1 other vulnerability.

VCID-re51-pz3b-xbc5
Aliases:
CVE-2023-6730
GHSA-3863-2447-669p
PYSEC-2023-300

Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36.

4.36.0
Affected by 4 other vulnerabilities.

VCID-smqc-ecxk-eqe6
Aliases:
CVE-2023-2800
GHSA-282v-666c-3fvg
PYSEC-2023-299

Insecure Temporary File in GitHub repository huggingface/transformers prior to 4.30.0.

4.30.0
Affected by 6 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:23:04.241081+00:00	Pypa Importer	Affected by	VCID-7chd-q1tt-7fck	https://github.com/pypa/advisory-database/blob/main/vulns/transformers/PYSEC-2025-40.yaml	38.6.0
2026-06-02T04:22:34.011791+00:00	Pypa Importer	Affected by	VCID-6jzg-ptkc-zfge	https://github.com/pypa/advisory-database/blob/main/vulns/transformers/PYSEC-2024-229.yaml	38.6.0
2026-06-02T04:22:33.343277+00:00	Pypa Importer	Affected by	VCID-mj4x-79x9-83ax	https://github.com/pypa/advisory-database/blob/main/vulns/transformers/PYSEC-2024-228.yaml	38.6.0
2026-06-02T04:22:32.622350+00:00	Pypa Importer	Affected by	VCID-aud4-pr4h-r3er	https://github.com/pypa/advisory-database/blob/main/vulns/transformers/PYSEC-2024-227.yaml	38.6.0
2026-06-02T04:20:25.770377+00:00	Pypa Importer	Affected by	VCID-6wnz-1qbk-x3av	https://github.com/pypa/advisory-database/blob/main/vulns/transformers/PYSEC-2023-301.yaml	38.6.0
2026-06-02T04:20:25.234863+00:00	Pypa Importer	Affected by	VCID-re51-pz3b-xbc5	https://github.com/pypa/advisory-database/blob/main/vulns/transformers/PYSEC-2023-300.yaml	38.6.0
2026-06-02T04:18:45.458692+00:00	Pypa Importer	Affected by	VCID-smqc-ecxk-eqe6	https://github.com/pypa/advisory-database/blob/main/vulns/transformers/PYSEC-2023-299.yaml	38.6.0