A recent security audit of Gradio 5, a popular open-source library for building machine learning web applications, has identified and addressed several high-severity issues. The audit was conducted by Trail of Bits, a well-known cybersecurity company, in collaboration with the Hugging Face Gradio team.

What Happened

The security audit of Gradio 5 uncovered eight high-severity issues, including vulnerabilities in the Gradio-deployed infrastructure that supports sharing machine learning models and interfaces with the world. The identified vulnerabilities included SSRF (Server-Side Request Forgery), XSS (Cross-Site Scripting), and arbitrary file leaks in specific Gradio server configurations.

The audit also found supply chain vulnerabilities originating from the Gradio CI pipeline, including issues related to GitHub Actions workflows that use third-party actions pinned to tags or branch names instead of full commit SHAs. This could allow malicious actors to silently modify actions, potentially leading to tampering with application releases or leaking secrets.

The Hugging Face Gradio team worked closely with Trail of Bits to identify mitigation strategies for each of the identified risks and implemented fixes ahead of the Gradio 5 release. The updated version of Gradio 5 is now available, and users are encouraged to update their applications by running `pip install --upgrade gradio` in the command line.

Background and Context

Gradio is a framework that provides a simple and easy-to-use interface for building web-based machine learning applications. It enables developers to create interactive and shareable demos with just a few lines of code without any prior web development experience. Gradio has become the default way to build machine learning web applications in Python, with over 6 million monthly PyPi installs.

The popularity of Gradio has led to an increased focus on ensuring security as it grows. The Hugging Face Gradio team recognized the importance of preemptive security audits and decided to conduct a comprehensive audit of the Gradio codebase. This approach allows developers to build machine learning applications with Gradio 5 that follow best practices for web security without any significant changes to their code.

Why it Matters

The security issues identified in the Gradio 5 audit have significant implications for the adult industry, which relies heavily on machine learning and AI-powered applications. The vulnerabilities discovered could potentially allow attackers to steal access tokens, take over user accounts, or even inject malicious code into applications.

Ensuring the security of these applications is crucial to preventing data breaches, protecting user privacy, and maintaining trust in the industry. By addressing these issues proactively, Gradio 5 provides a safer and more secure platform for developers to build machine learning web applications.

What Comes Next

The Hugging Face Gradio team is committed to continuing their collaboration with the security community to identify and mitigate potential security issues in Gradio. They have added security unit tests to their test suite, fuzz tests specifically designed to identify potential vulnerabilities, and are using static analysis tools like Semgrep in their CI pipeline to detect common security issues.

Developers can update their applications to the latest version of Gradio 5 by running `pip install --upgrade gradio` in the command line. This ensures that they have access to the updated security features and fixes implemented as a result of the audit.

Key Facts

  • The Gradio 5 audit identified eight high-severity issues, including vulnerabilities in SSRF, XSS, and arbitrary file leaks.
  • The audit also found supply chain vulnerabilities originating from the Gradio CI pipeline.
  • The Hugging Face Gradio team worked closely with Trail of Bits to identify mitigation strategies for each of the identified risks.
  • Gradio 5 has been updated to address all reported issues, and users are encouraged to update their applications by running `pip install --upgrade gradio` in the command line.
  • The Hugging Face Gradio team is committed to continuing their collaboration with the security community to identify and mitigate potential security issues in Gradio.