Latest version: v4.46.2
| CVE/PVE | Vulnerability ID | Advisory | Affected versions | Severity | Severity Score |
|---|---|---|---|---|---|
| PVE-2021-40187 | 40187 |
Transformers 4.5.0 includes various vulnerability fixes. |
|
- | - |
| CVE-2023-49081 | 71037 |
Transformers version 4.41.0 updates its `aiohttp` dependency from ver… |
|
MEDIUM | 5.3 |
| CVE-2023-49082 | 71048 |
Transformers version 4.41.0 updates its `aiohttp` dependency from ver… |
|
MEDIUM | 5.3 |
| CVE-2024-21503 | 71049 |
Transformers version 4.41.0 updates its `black` dependency from versi… |
|
- | - |
| CVE-2024-3568 | 71601 |
The huggingface/transformers library is vulnerable to arbitrary code … |
|
- | - |
| PVE-2024-64402 | 64402 |
Transformers is affected by a shell injection vulnerability. It appea… |
|
- | - |
| CVE-2023-2800 | 60235 |
Transformers 4.30.0 includes a fix for an Insecure Temporary File vul… |
|
MEDIUM | 4.7 |
| CVE-2022-1941 | 51396 |
Transformers 4.23.0 updates its dependency 'protobuf' requirement to … |
|
HIGH | 7.5 |
| PVE-2022-51450 | 51450 |
Transformers 4.23.0 includes a fix for a link vulnerable to repojacki… |
|
- | - |
| CVE-2023-49082 | 71287 |
Transformers version 2.0 updates its aiohttp dependency from 3.8.5 to… |
|
MEDIUM | 5.3 |
| CVE-2023-49081 | 71286 |
Transformers version 2.0 updates its aiohttp dependency from 3.8.5 to… |
|
MEDIUM | 5.3 |
| CVE-2023-25668 | 71289 |
Transformers version 2.0 updates its tensorflow dependency from 2.8.1… |
|
CRITICAL | 9.8 |
| CVE-2023-7018 | 65398 |
Deserialization of Untrusted Data in GitHub repository huggingface/tr… |
|
HIGH | 7.8 |
| CVE-2023-6730 | 65215 |
Deserialization of Untrusted Data in GitHub repository huggingface/tr… |
|
HIGH | 8.8 |