CVE-2024-11394
- EPSS 59.39%
- Veröffentlicht 22.11.2024 22:15:07
- Zuletzt bearbeitet 10.02.2025 22:16:16
Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction ...
CVE-2024-11393
- EPSS 76.12%
- Veröffentlicht 22.11.2024 22:15:07
- Zuletzt bearbeitet 10.02.2025 22:18:52
Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User intera...
CVE-2024-11392
- EPSS 53.12%
- Veröffentlicht 22.11.2024 22:15:06
- Zuletzt bearbeitet 10.02.2025 22:18:55
Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction...
CVE-2024-3568
- EPSS 20.07%
- Veröffentlicht 10.04.2024 17:15:58
- Zuletzt bearbeitet 10.10.2025 17:55:38
The huggingface/transformers library is vulnerable to arbitrary code execution through deserialization of untrusted data within the `load_repo_checkpoint()` function of the `TFPreTrainedModel()` class. Attackers can execute arbitrary code and command...
CVE-2023-7018
- EPSS 0.2%
- Veröffentlicht 20.12.2023 17:15:08
- Zuletzt bearbeitet 21.11.2024 08:45:03
Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36.
CVE-2023-6730
- EPSS 0.16%
- Veröffentlicht 19.12.2023 13:15:43
- Zuletzt bearbeitet 21.11.2024 08:44:26
Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36.
CVE-2023-2800
- EPSS 0.02%
- Veröffentlicht 18.05.2023 17:15:08
- Zuletzt bearbeitet 21.11.2024 07:59:18
Insecure Temporary File in GitHub repository huggingface/transformers prior to 4.30.0.