Vulnerability Description
A Regular Expression Denial of Service (ReDoS) vulnerability exists in the Hugging Face Transformers library, specifically in the `convert_tf_weight_name_to_pt_weight_name()` function. This function, responsible for converting TensorFlow weight names to PyTorch format, uses a regex pattern `/[^/]*___([^/]*)/` that can be exploited to cause excessive CPU consumption through crafted input strings due to catastrophic backtracking. The vulnerability affects versions up to 4.51.3 and is fixed in version 4.53.0. This issue can lead to service disruption, resource exhaustion, and potential API service vulnerabilities, impacting model conversion processes between TensorFlow and PyTorch formats.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huggingface | Transformers | < 4.53.0 |
Related Weaknesses (CWE)
References
- https://github.com/huggingface/transformers/commit/944b56000be5e9b61af8301aa3408Patch
- https://huntr.com/bounties/3f8b3fd0-166b-46e7-b60f-60dd9d2678bfExploitIssue TrackingPatch
- https://huntr.com/bounties/3f8b3fd0-166b-46e7-b60f-60dd9d2678bfExploitIssue TrackingPatch
FAQ
What is CVE-2025-5197?
CVE-2025-5197 is a vulnerability with a CVSS score of 5.3 (MEDIUM). A Regular Expression Denial of Service (ReDoS) vulnerability exists in the Hugging Face Transformers library, specifically in the `convert_tf_weight_name_to_pt_weight_name()` function. This function, ...
How severe is CVE-2025-5197?
CVE-2025-5197 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-5197?
Check the references section above for vendor advisories and patch information. Affected products include: Huggingface Transformers.