
AVID-2026-R1655

Description

Regular Expression Denial of Service (ReDoS) in huggingface/transformers (CVE-2025-2099)

Details

A vulnerability in the preprocess_string() function of the transformers.testing_utils module in huggingface/transformers version v4.48.3 allows for a Regular Expression Denial of Service (ReDoS) attack. The regular expression used to process code blocks in docstrings contains nested quantifiers, leading to exponential backtracking when processing input with a large number of newline characters. An attacker can exploit this by providing a specially crafted payload, causing high CPU usage and potential application downtime, effectively resulting in a Denial of Service (DoS) scenario.
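As an added illustration (not code from the transformers project or from the original advisory): the pattern below is a stand-in for the class of regex described, a lazy repeated group `(?:.*?\n)*?` compiled with re.DOTALL, so that each newline in an unclosed code block can be consumed either by `.` or by the literal `\n`, which is the ambiguity that makes a failed match cost O(2^n). It is not the exact expression from transformers.testing_utils, the payload is constructed here, and the hardened pattern shows an unambiguous rewrite that extracts the same block in linear time.

```python
"""Added illustrative example: exponential backtracking from an ambiguous
nested quantifier over newlines, and an unambiguous linear-time rewrite.
Assumption: the pattern is a stand-in of the same class as the advisory's,
not the transformers.testing_utils regex itself."""
import re
import time

# Vulnerable class: with re.DOTALL, '.' also matches '\n', so every newline
# inside (?:.*?\n)*? can be consumed by '.*?' or by the literal '\n'. When
# the closing fence never arrives, the engine tries all 2^n partitions.
VULNERABLE = re.compile(r"```python\n(?:.*?\n)*?.*?```", re.DOTALL)

# Hardened rewrite: a single lazy '.*?' bounded by the closing fence has
# exactly one way to consume each character, so a failed match is O(n).
SAFE = re.compile(r"```python\n(.*?)```", re.DOTALL)


def craft_payload(newlines: int) -> str:
    """Constructed attacker input: an opened fence that is never closed."""
    return "```python\n" + "\n" * newlines


def extract_block(pattern: re.Pattern, text: str):
    """Return the body of the first fenced python block, or None."""
    m = pattern.search(text)
    if m is None:
        return None
    # Both patterns match the whole fence; strip the markers to get the body.
    return m.group(0)[len("```python\n"):-len("```")]


def match_seconds(pattern: re.Pattern, text: str) -> float:
    """Wall-clock cost of one search, which the attacker controls via input."""
    start = time.perf_counter()
    pattern.search(text)
    return time.perf_counter() - start


def growth_ratio(pattern: re.Pattern, small: int, large: int) -> float:
    """How much longer a failed match takes with `large` vs `small` newlines.
    Exponential patterns give a ratio near 2**(large-small); linear ones stay
    close to large/small."""
    t_small = max(match_seconds(pattern, craft_payload(small)), 1e-6)
    t_large = match_seconds(pattern, craft_payload(large))
    return t_large / t_small


if __name__ == "__main__":
    # Constructed benign docstring: both patterns extract the same block.
    doc = "Example:\n\n```python\n>>> x = 1\n>>> x + 1\n2\n```\nDone."
    print(repr(extract_block(VULNERABLE, doc)) == repr(extract_block(SAFE, doc)))

    for n in (10, 14, 18):
        print(f"n={n:2d}  vulnerable={match_seconds(VULNERABLE, craft_payload(n)):.4f}s"
              f"  safe={match_seconds(SAFE, craft_payload(n)):.6f}s")
    # A very large unclosed block is harmless for the hardened pattern.
    print(f"safe, n=200000: {match_seconds(SAFE, craft_payload(200_000)):.4f}s")
```

The timing loop makes the asymmetry visible: adding four newlines to the payload multiplies the vulnerable pattern's cost by roughly sixteen, while the hardened pattern's cost stays flat. The same check (a growth ratio on unclosed input) is a cheap regression test to keep beside any regex that is applied to attacker-influenced text.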

Reason for inclusion in AVID: The CVE describes a Regular Expression Denial of Service (ReDoS) vulnerability in a widely used AI/ML library (huggingface/transformers). This vulnerability affects a component (transformers.testing_utils.preprocess_string) that is part of the AI software stack and could be exploited to cause high CPU usage or downtime in AI workflows. It directly pertains to software supply chains for general-purpose AI systems since transformers is a core dependency for model training, evaluation, and deployment pipelines. The report provides explicit vulnerability details (CVE-2025-2099, description, affected version, and impact) sufficient to classify it as a security vulnerability in the AI software supply chain.

References

Affected or Relevant Artifacts

  • Developer: huggingface
  • Deployer: huggingface
  • Artifact Details:
    Type: System
    Name: huggingface/transformers

Impact

AVID Taxonomy Categorization

  • Risk domains: Security
  • SEP subcategories: S0100: Software Vulnerability
  • Lifecycle stages: L06: Deployment

CVSS

Version: 3.0
Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Base Score: 5.3
Base Severity: Medium
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: Low

CWE

CWE-1333: Inefficient Regular Expression Complexity

Other information

  • Report Type: Advisory
  • Credits:
  • Date Reported: 2025-05-19
  • Version: 0.3.3
  • AVID Entry