CVE-2025-3777 | huggingface transformers up to 4.52.0 URL Validation image_utils.py startswith information disclosure

Inserito da Angelo Barbosa | Lug 7, 2025 | CVE

A vulnerability was found in huggingface transformers up to 4.52.0. It has been declared as problematic. Affected by this vulnerability is the function startswith of the file image_utils.py of the component URL Validation Handler. The manipulation leads to information disclosure.

This vulnerability is known as CVE-2025-3777. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-3777 | huggingface transformers up to 4.52.0 URL Validation image_utils.py startswith information disclosure

Post correlati

CVE-2024-10183 | Jamf Pro up to 1.3.0/11.5 on macOS Remote Assist Tool default permission

CVE-2024-52271 | Documenso SaaS/Hosted clickjacking (ID 1512)

CVE-2024-20507 | Cisco Meeting Management up to 3.9.0 Web-based Management Interface information disclosure (cisco-sa-cmm-info-disc-9ZEMAhGA)

CVE-2025-0804 | flowdee ClickWhale up to 2.4.1 on WordPress Link Page cross site scripting