These CVEs are a little unfortunate. I've taken this response from my colleague @Rocketknight1 who gave a clear description:
These vulnerabilities generally stem from specific model class conversion scripts in the transformers codebase. These conversion scripts are not imported or called by the main library, and are only included as a convenience for users who want to convert models from the original format they were released in to HF format. Because the original models are often released as zip files, non-safetensors torch weights, etc, the conversion scripts must open those formats, which results in a potential vulnerability as these formats can contain malicious payloads.
However, to exploit the vulnerability, an attacker would have to craft a malicious model and then induce the user to call a specific obscure conversion script on it, which we don't consider to be a realistic attack vector. Since these vulnerabilities exist only in those accessory conversion scripts, and not in core library functions, and because there's no real way to mitigate them without deleting the scripts, we basically just ignore them!
Since Transformers v4.48.0, these conversion scripts are no longer included in the built transformers package, so the vulnerability (I would argue there never was one) is certainly resolved from that point forward. However, a lot of projects rely on transformers, often locked to specific version ranges. If I enforce transformers>=4.48.0 (which is only 2 weeks old!), then users will be unable to combine Sentence Transformers with many other projects.
In my opinion, this is a bigger problem than vulnerability software flagging a project as dangerous because someone managed to get a CVE through.
I would recommend installing Sentence Transformers like so:
If you wish to avoid the vulnerability concerns fully. I will increase the required version of transformers in the future, but only when it's strictly necessary for Sentence Transformers functionality, or when enough time has passed that other projects have reasonably been able to start supporting v4.48.0 of transformers.
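An added example (not part of the comment above, nor code from Transformers or Sentence Transformers): a triage check for a scanner finding like this one, reporting whether an install is below v4.48.0 and whether any per-model conversion scripts are actually present on disk. It assumes those scripts match `transformers/models/<model>/convert_*.py`; the sample file lists and the `examplemodel` name are constructed.

```python
import re
from importlib import metadata

FIXED_IN = (4, 48, 0)  # per the thread: scripts are not shipped from v4.48.0 on
# Assumption: per-model conversion scripts are named models/<model>/convert_*.py
SCRIPT_RE = re.compile(r"^transformers/models/[^/]+/convert_[^/]*\.py$")

# Constructed file lists standing in for two installed wheels.
SAMPLE_OLD = [
    "transformers/__init__.py",
    "transformers/convert_slow_tokenizer.py",  # top level, outside models/
    "transformers/models/examplemodel/modeling_examplemodel.py",
    "transformers/models/examplemodel/convert_examplemodel_to_hf.py",
]
SAMPLE_NEW = SAMPLE_OLD[:3]


def parse_version(version):
    """'4.46.3' -> (4, 46, 3); pre-release suffixes such as '.dev0' are ignored."""
    m = re.match(r"(\d+)(?:\.(\d+))?(?:\.(\d+))?", version)
    if not m:
        raise ValueError(f"unparseable version: {version!r}")
    return tuple(int(g or 0) for g in m.groups())


def conversion_scripts(files):
    """Return the installed paths that look like per-model conversion scripts."""
    paths = (str(f).replace("\\", "/") for f in files)
    return sorted(p for p in paths if SCRIPT_RE.match(p))


def triage(version, files):
    """Summarise what a scanner finding on this install actually refers to."""
    scripts = conversion_scripts(files)
    return {
        "version": version,
        "at_or_above_fix": parse_version(version) >= FIXED_IN,
        "conversion_scripts": scripts,
    }


def triage_installed(dist_name="transformers"):
    """Run the same check against the environment; None if not installed."""
    try:
        dist = metadata.distribution(dist_name)
    except metadata.PackageNotFoundError:
        return None
    return triage(dist.version, dist.files or [])


if __name__ == "__main__":
    print(triage("4.46.3", SAMPLE_OLD))
    print(triage_installed())
```
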
Since the transformers library is not forced to the latest version, D-Track identifies a threat at transformers ▸ 4.46.3 version. They are:
[CVE-2024-11392]
[CVE-2024-11393]
[CVE-2024-11394] from National Vulnerability Database
So, can we update the transformers library to the latest version?