5.3

CVSS Score

3.0

Basic Information

CVE ID

CVE-2025-2099

GHSA ID

GHSA-qq3j-4f4f-9583

EPSS Score

0.22872%

CWE

CWE-1333

Published

5/19/2025

Updated

5/19/2025

KEV Status

Technology

Python

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2025-2099

CVE-2025-2099: Hugging Face Transformers Regular Expression Denial of Service

A vulnerability in the preprocess_string() function of the transformers.testing_utils module in huggingface/transformers version v4.48.3 allows for a Regular Expression Denial of Service (ReDoS) attack. The regular expression used to process code blocks in docstrings contains nested quantifiers, leading to exponential backtracking when processing input with a large number of newline characters. An attacker can exploit this by providing a specially crafted payload, causing high CPU usage and potential application downtime, effectively resulting in a Denial of Service (DoS) scenario.

(GitHub Advisory)

5.3

CVSS Score

3.0

Basic Information

CVE ID

CVE-2025-2099

GHSA ID

GHSA-qq3j-4f4f-9583

EPSS Score

0.22872%

CWE

CWE-1333

Published

5/19/2025

Updated

5/19/2025

KEV Status

Technology

Python

Technical Details

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
transformers	pip	< 4.50.0	4.50.0

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability description explicitly mentions the preprocess_string() function in the transformers.testing_utils module as being vulnerable due to a ReDoS attack vector in its regular expression. The provided commit patch directly modifies this function and the problematic regular expression. The patch changes the regex codeblock_pattern and how it's used with re.split, confirming that preprocess_string is the function where the vulnerability existed and was subsequently fixed. The evidence is directly from the commit diff showing the regex change within this specific function.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

* vuln*r**ility in t** `pr*pro**ss_strin*()` *un*tion o* t** `tr*ns*orm*rs.t*stin*_utils` mo*ul* in *u**in*****/tr*ns*orm*rs v*rsion v*.**.* *llows *or * R**ul*r *xpr*ssion **ni*l o* S*rvi** (R**oS) *tt**k. T** r**ul*r *xpr*ssion us** to pro**ss *o**

Reasoning

T** vuln*r**ility **s*ription *xpli*itly m*ntions t** `pr*pro**ss_strin*()` *un*tion in t** `tr*ns*orm*rs.t*stin*_utils` mo*ul* *s **in* vuln*r**l* *u* to * R**oS *tt**k v**tor in its r**ul*r *xpr*ssion. T** provi*** *ommit p*t** *ir**tly mo*i*i*s t*

5.3

Basic Information

Concerned about an active attack path?

CVE-2025-2099: Hugging Face Transformers Regular Expression Denial of Service

5.3

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI