pkg:PyPI/transformers

共 35 筆 CVECRITICAL2HIGH16MEDIUM15LOW2

✅ 檢查你的版本

所有已知漏洞

  • CRITICAL9.0CVE-2023-6730transformers has a Deserialization of Untrusted Data vulnerability
    from 0, < 4.36.0
  • CRITICAL9.0CVE-2023-6730transformers has a Deserialization of Untrusted Data vulnerability
    from 0, < 1d63b0ec361e7a38f1339385e8a5a855085532ce | from 0, < 4.36.0
  • HIGH8.8CVE-2024-11393Deserialization of Untrusted Data in Hugging Face Transformers
    from 0, < 4.48.0
  • HIGH8.8CVE-2024-11394Deserialization of Untrusted Data in Hugging Face Transformers
    from 0, < 4.48.0
  • HIGH8.8CVE-2024-11394Deserialization of Untrusted Data in Hugging Face Transformers
    from 0, < 4.48.0
  • HIGH8.8CVE-2024-11393Deserialization of Untrusted Data in Hugging Face Transformers
    from 0, < 4.48.0
  • HIGH7.8CVE-2025-14930Hugging Face Transformers GLM4 Deserialization of Untrusted Data Remote Code Execution Vulnerability.
    from 0, <= 4.57.1
  • HIGH7.8CVE-2025-14929Hugging Face Transformers X-CLIP Checkpoint Conversion Deserialization of Untrusted Data Remote Code Execution Vulnerability.
    from 0, <= 5.0.0-rc0
  • HIGH7.8CVE-2025-14928Hugging Face Transformers HuBERT convert_config Code Injection Remote Code Execution Vulnerability.
    from 0, <= 4.57.0
  • HIGH7.8CVE-2025-14927Hugging Face Transformers SEW-D convert_config Code Injection Remote Code Execution Vulnerability.
    from 0, <= 4.57.0
  • HIGH7.8CVE-2025-14926Hugging Face Transformers SEW convert_config Code Injection Remote Code Execution Vulnerability.
    from 0, <= 4.57.0
  • HIGH7.8CVE-2025-14924Hugging Face Transformers megatron_gpt2 Deserialization of Untrusted Data Remote Code Execution Vulnerability.
    from 0, <= 4.55.0
  • HIGH7.8CVE-2025-14921Hugging Face Transformers Transformer-XL Model Deserialization of Untrusted Data Remote Code Execution Vulnerability.
    from 0, <= 4.54.1
  • HIGH7.8CVE-2025-14920Hugging Face Transformers Perceiver Model Deserialization of Untrusted Data Remote Code Execution Vulnerability.
    from 0, <= 4.54.1
  • HIGH7.8CVE-2023-7018transformers has a Deserialization of Untrusted Data vulnerability
    from 0, < 4.36.0
  • HIGH7.8CVE-2023-7018transformers has a Deserialization of Untrusted Data vulnerability
    from 0, < 1d63b0ec361e7a38f1339385e8a5a855085532ce | from 0, < 4.36.0
  • HIGH7.5CVE-2024-11392Deserialization of Untrusted Data in Hugging Face Transformers
    from 0, < 4.48.0
  • HIGH7.5CVE-2024-11392Deserialization of Untrusted Data in Hugging Face Transformers
    from 0, < 4.48.0
  • MEDIUM6.5CVE-2026-1839HuggingFace Transformers allows for arbitrary code execution in the `Trainer` class
    from 0, < 5.0.0rc3
  • MEDIUM5.3CVE-2025-6921Hugging Face Transformers vulnerable to Regular Expression Denial of Service (ReDoS) in the AdamWeightDecay optimizer
    from 0, < 4.53.0
  • MEDIUM5.3CVE-2025-6051Hugging Face Transformers library has Regular Expression Denial of Service
    from 0, < 4.53.0
  • MEDIUM5.3CVE-2025-6638Hugging Face Transformers is vulnerable to ReDoS through its MarianTokenizer
    from 0, < 4.53.0
  • MEDIUM5.3CVE-2025-5197Hugging Face Transformers Regular Expression Denial of Service (ReDoS) vulnerability
    from 0, < 4.53.0
  • MEDIUM5.3CVE-2025-3933Transformers is vulnerable to ReDoS attack through its DonutProcessor class
    from 0, < 4.52.1
  • MEDIUM5.3CVE-2025-3262Transformers vulnerable to ReDoS attack through its SETTING_RE variable
    >= 4.49.0, < 4.51.0
  • MEDIUM5.3CVE-2025-3263Transformers's ReDoS vulnerability in get_configuration_file can lead to catastrophic backtracking
    from 0, < 4.51.0
  • MEDIUM5.3CVE-2025-3264Transformers vulnerable to ReDoS attack through its get_imports() function
    from 0, < 4.51.0
  • MEDIUM5.3CVE-2025-2099Hugging Face Transformers Regular Expression Denial of Service
    from 0, < 8cb522b4190bd556ce51be04942720650b1a3e57 | from 0, < 4.49.0
  • MEDIUM5.3CVE-2025-2099Hugging Face Transformers Regular Expression Denial of Service
    from 0, < 4.50.0
  • MEDIUM5.3CVE-2024-12720Transformers Regular Expression Denial of Service (ReDoS) vulnerability
    from 0, < 4.48.0
  • MEDIUM4.7CVE-2023-2800transformers has Insecure Temporary File
    from 0, < 80ca92470938bbcc348e2d9cf4734c7c25cb1c43 | from 0, < 4.30.0
  • MEDIUM4.7CVE-2023-2800transformers has Insecure Temporary File
    from 0, < 4.30.0
  • MEDIUM4.3CVE-2025-1194Transformers Regular Expression Denial of Service (ReDoS) vulnerability
    from 0, < 4.50.0
  • LOW3.5CVE-2025-3777Transformers's Improper Input Validation vulnerability can be exploited through username injection
    from 0, < 4.52.1
  • LOW3.4CVE-2024-3568Transformers Deserialization of Untrusted Data vulnerability
    from 0, < 4.38.0