VulnerableCode Package Details - pkg:pypi/transformers@4.47.1

Search for packages

Vulnerability	Summary	Fixed by
VCID-6jzg-ptkc-zfge Aliases: CVE-2024-11394 PYSEC-2024-229	Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25012.	4.48.0 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-7chd-q1tt-7fck Aliases: CVE-2025-2099 PYSEC-2025-40	A vulnerability in the `preprocess_string()` function of the `transformers.testing_utils` module in huggingface/transformers version v4.48.3 allows for a Regular Expression Denial of Service (ReDoS) attack. The regular expression used to process code blocks in docstrings contains nested quantifiers, leading to exponential backtracking when processing input with a large number of newline characters. An attacker can exploit this by providing a specially crafted payload, causing high CPU usage and potential application downtime, effectively resulting in a Denial of Service (DoS) scenario.	4.49.0 Affected by 0 other vulnerabilities.
VCID-aud4-pr4h-r3er Aliases: CVE-2024-11392 PYSEC-2024-227	Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of configuration files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-24322.	4.48.0 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-mj4x-79x9-83ax Aliases: CVE-2024-11393 PYSEC-2024-228	Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25191.	4.48.0 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-6jzg-ptkc-zfge
Aliases:
CVE-2024-11394
PYSEC-2024-229

Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25012.

4.48.0
Affected by 1 other vulnerability.

VCID-7chd-q1tt-7fck
Aliases:
CVE-2025-2099
PYSEC-2025-40

A vulnerability in the `preprocess_string()` function of the `transformers.testing_utils` module in huggingface/transformers version v4.48.3 allows for a Regular Expression Denial of Service (ReDoS) attack. The regular expression used to process code blocks in docstrings contains nested quantifiers, leading to exponential backtracking when processing input with a large number of newline characters. An attacker can exploit this by providing a specially crafted payload, causing high CPU usage and potential application downtime, effectively resulting in a Denial of Service (DoS) scenario.

4.49.0
Affected by 0 other vulnerabilities.

VCID-aud4-pr4h-r3er
Aliases:
CVE-2024-11392
PYSEC-2024-227

Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of configuration files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-24322.

4.48.0
Affected by 1 other vulnerability.

VCID-mj4x-79x9-83ax
Aliases:
CVE-2024-11393
PYSEC-2024-228

Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of model files. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25191.

4.48.0
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:23:04.470234+00:00	Pypa Importer	Affected by	VCID-7chd-q1tt-7fck	https://github.com/pypa/advisory-database/blob/main/vulns/transformers/PYSEC-2025-40.yaml	38.6.0
2026-06-02T04:22:34.253304+00:00	Pypa Importer	Affected by	VCID-6jzg-ptkc-zfge	https://github.com/pypa/advisory-database/blob/main/vulns/transformers/PYSEC-2024-229.yaml	38.6.0
2026-06-02T04:22:33.575782+00:00	Pypa Importer	Affected by	VCID-mj4x-79x9-83ax	https://github.com/pypa/advisory-database/blob/main/vulns/transformers/PYSEC-2024-228.yaml	38.6.0
2026-06-02T04:22:32.884153+00:00	Pypa Importer	Affected by	VCID-aud4-pr4h-r3er	https://github.com/pypa/advisory-database/blob/main/vulns/transformers/PYSEC-2024-227.yaml	38.6.0