GSA_kwCzR0hTQS0yODJ2LTY2NmMtM2Z2Z84AAzZV

Moderate EPSS: 0.00015% (0.01943 Percentile) EPSS:

Permalink JSON

transformers has Insecure Temporary File

Affected Packages	Affected Versions	Fixed Versions
pypi:transformers	< 4.30.0	4.30.0
2,589 Dependent packages 31,800 Dependent repositories 71,422,624 Downloads last month Affected Version Ranges All affected versions 2.0.0, 2.1.0, 2.1.1, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.6.0, 2.7.0, 2.8.0, 2.9.0, 2.9.1, 2.10.0, 2.11.0, 3.0.0, 3.0.1, 3.0.2, 3.1.0, 3.2.0, 3.3.0, 3.3.1, 3.4.0, 3.5.0, 3.5.1, 4.0.0, 4.0.1, 4.1.0, 4.1.1, 4.2.0, 4.2.1, 4.2.2, 4.3.0, 4.3.1, 4.3.2, 4.3.3, 4.4.0, 4.4.1, 4.4.2, 4.5.0, 4.5.1, 4.6.0, 4.6.1, 4.7.0, 4.8.0, 4.8.1, 4.8.2, 4.9.0, 4.9.1, 4.9.2, 4.10.0, 4.10.1, 4.10.2, 4.10.3, 4.11.0, 4.11.1, 4.11.2, 4.11.3, 4.12.0, 4.12.1, 4.12.2, 4.12.3, 4.12.4, 4.12.5, 4.13.0, 4.14.0, 4.14.1, 4.15.0, 4.16.0, 4.16.1, 4.16.2, 4.17.0, 4.18.0, 4.19.0, 4.19.1, 4.19.2, 4.19.3, 4.19.4, 4.20.0, 4.20.1, 4.21.0, 4.21.1, 4.21.2, 4.21.3, 4.22.0, 4.22.1, 4.22.2, 4.23.0, 4.23.1, 4.24.0, 4.25.0, 4.25.1, 4.26.0, 4.26.1, 4.27.0, 4.27.1, 4.27.2, 4.27.3, 4.27.4, 4.28.0, 4.28.1, 4.29.0, 4.29.1, 4.29.2 All unaffected versions 4.30.0, 4.30.1, 4.30.2, 4.31.0, 4.32.0, 4.32.1, 4.33.0, 4.33.1, 4.33.2, 4.33.3, 4.34.0, 4.34.1, 4.35.0, 4.35.1, 4.35.2, 4.36.0, 4.36.1, 4.36.2, 4.37.0, 4.37.1, 4.37.2, 4.38.0, 4.38.1, 4.38.2, 4.39.0, 4.39.1, 4.39.2, 4.39.3, 4.40.0, 4.40.1, 4.40.2, 4.41.0, 4.41.1, 4.41.2, 4.42.0, 4.42.1, 4.42.2, 4.42.3, 4.42.4, 4.43.0, 4.43.1, 4.43.2, 4.43.3, 4.43.4, 4.44.0, 4.44.1, 4.44.2, 4.45.0, 4.45.1, 4.45.2, 4.46.0, 4.46.1, 4.46.2, 4.46.3, 4.47.0, 4.47.1, 4.48.0, 4.48.1, 4.48.2, 4.48.3, 4.49.0, 4.50.0, 4.50.1, 4.50.2, 4.50.3, 4.51.0, 4.51.1, 4.51.2, 4.51.3, 4.52.0, 4.52.1, 4.52.2, 4.52.3, 4.52.4, 4.53.0, 4.53.1, 4.53.2, 4.53.3, 4.54.0

Insecure Temporary File in GitHub repository huggingface/transformers 4.29.2 and prior. A fix is available at commit 80ca92470938bbcc348e2d9cf4734c7c25cb1c43 and has been released as part of version 4.30.0.

References:

Identifiers

GHSA-282v-666c-3fvg

CVE-2023-2800

Risk

Severity

Moderate

EPSS

EPSS Percentage: 0.00015

EPSS Percentile: 0.01943

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/huggingface/transformers

Date and time

Published

about 2 years ago

Updated

8 months ago

API

JSON

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Advisories