ReDoS Vulnerability in Hugging Face Transformers Library
CVE-2025-5197

5.3 MEDIUM

Key Information:

Vendor
CVE Published: 6 August 2025

What is CVE-2025-5197?

A Regular Expression Denial of Service (ReDoS) vulnerability has been identified in the Hugging Face Transformers library. The issue lies in the convert_tf_weight_name_to_pt_weight_name() function, which converts TensorFlow weight names into their PyTorch equivalents. The regex pattern /[^/]*___([^/]*)/ used there is subject to catastrophic backtracking: specifically crafted input strings can make matching consume large amounts of CPU time. This can cause service disruption and resource exhaustion, exposes API services that accept such weight names to denial of service, and ultimately undermines model conversion between TensorFlow and PyTorch formats. The issue has been patched in version 4.53.0.
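As an added example (not code from the Transformers project), the pattern quoted above is shown beside a linear-time rewrite that performs the same substitution with plain string scanning and a length cap. It assumes the pattern is applied as `re.sub(pattern, r"/\1/", name)` to strip everything before `___` in a slash-delimited segment; that usage and the `MAX_NAME_LEN` value are assumptions, not something the advisory states.

```python
import re

# The pattern quoted in the advisory. How the library applies it is an
# assumption here: we take it to be re.sub(PATTERN, r"/\1/", name).
PATTERN = re.compile(r"/[^/]*___([^/]*)/")

MAX_NAME_LEN = 4096  # defensive cap on input size (constructed value)


def strip_scope_regex(name: str) -> str:
    """Reference behaviour using the backtracking-prone pattern."""
    return PATTERN.sub(r"/\1/", name)


def strip_scope_linear(name: str) -> str:
    """Same substitution with find/rpartition; every character is visited once.

    The regex only matches a segment enclosed by two slashes, keeps the text
    after the LAST '___' in that segment (greedy [^/]* backtracks from the
    right), and consumes the closing slash, so the following segment can
    only match if it has its own leading slash. Each rule is mirrored below.
    """
    if len(name) > MAX_NAME_LEN:
        raise ValueError("weight name too long")
    out = []
    i, n = 0, len(name)
    while i < n:
        if name[i] != "/":
            out.append(name[i])
            i += 1
            continue
        j = name.find("/", i + 1)        # closing slash of this segment
        if j == -1:                       # no closing slash: nothing can match
            out.append(name[i:])
            break
        _head, sep, tail = name[i + 1:j].rpartition("___")
        if sep:                           # match: emit "/<tail>/", skip both slashes
            out.append("/" + tail + "/")
            i = j + 1
        else:                             # no match: copy through to the next slash
            out.append(name[i:j])
            i = j
    return "".join(out)
```

The two functions agree on benign names, including the edge case where two adjacent segments both contain `___` and only the first is rewritten because its closing slash is consumed.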

Affected Version(s)

huggingface/transformers < 4.53.0

References

CVSS V3.0

Score: 5.3
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
