CVE Details
Basic Information
| Field | Value |
|---|---|
| Title | CVE-2025-5197 Regular Expression Denial of Service (ReDoS) in huggingface/transformers |
| Type | cve |
| Published | 2025-08-06T11:53:37 |
| Last Seen | 2025-08-06T12:01:21 |
| Modified | 2025-08-06T11:53:37 |
CVSS Information
| Field | Value |
|---|---|
| Base Score | 5.3 (MEDIUM) |
| Vector String | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
| Confidentiality Impact | NONE |
| Integrity Impact | NONE |
| Availability Impact | LOW |
AI Analysis
| Field | Value |
|---|---|
| AI Description | A Regular Expression Denial of Service (ReDoS) vulnerability in the Hugging Face Transformers library's `convert_tf_weight_name_to_pt_weight_name()` function can cause excessive CPU consumption due to catastrophic backtracking. This affects versions up to 4.51.3 and is fixed in version 4.53.0, potentially disrupting model conversion processes. |
| AI Severity | Medium |
| AI Vendor | Hugging Face |
| AI Product | Hugging Face Transformers |
| AI Version | up to 4.51.3 |
Additional Information
| Field | Value |
|---|---|
| CVE List | CVE-2025-5197 |
| CWE List | CWE-1333 |
| Bulletin Family | cve |
Description
A Regular Expression Denial of Service (ReDoS) vulnerability exists in the Hugging Face Transformers library, specifically in the `convert_tf_weight_name_to_pt_weight_name()` function. This function, which converts TensorFlow weight names to PyTorch format, applies the regular expression `[^/]*___([^/]*)` to the weight name; crafted input strings can make this pattern backtrack catastrophically and consume excessive CPU time. The vulnerability affects versions up to 4.51.3 and is fixed in version 4.53.0. The resulting resource exhaustion can disrupt model conversion between TensorFlow and PyTorch formats and any API service that passes untrusted weight names to this function.