Skip to content

[SECURITY] YAML Deserialization RCE via Unsafe yaml.Loader in generator.py #122

Description

@xiaodao00266

SUMMARY
YAML Deserialization Remote Code Execution via Unsafe yaml.Loader in generator.py

SEVERITY
High (CVSS 7.8) — AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

VULNERABLE CODE
File: qface/generator.py, lines 31-35 and 406-415

The FileSystem.load_yaml() method uses the unsafe yaml.Loader (or yaml.CLoader)
to parse YAML documents, allowing arbitrary Python code execution.

Lines 31-35:

try:
    from yaml import CLoader as Loader, CDumper as Dumper
except ImportError:
    from yaml import Loader, Dumper

Lines 406-415:

@staticmethod
def load_yaml(document: Path, required=False):
    ...
    return yaml.load(document.read_text(), Loader=Loader)

The Loader is the unsafe PyYAML loader that supports !!python/object/apply tags,
allowing arbitrary Python function calls during YAML parsing.

PROOF OF CONCEPT
A malicious YAML file with the following content triggers code execution:

!!python/object/apply:os.system ["echo EXPLOITED"]

When qface processes this file via --rules, os.system() executes:

qface --rules malicious.yaml --target output/

PoC verified locally: yaml.Loader executes os.system() successfully.
yaml.SafeLoader correctly blocks the same payload.

IMPACT
An attacker who can supply a malicious YAML file to qface can execute arbitrary
code with the privileges of the user running qface. Attack vectors include:

  1. A malicious pull request containing a YAML rule file processed by CI/CD
  2. A developer cloning a repository that contains a crafted YAML configuration
  3. Any application using qface as a library and loading YAML from untrusted sources

FIX
Replace yaml.Loader/yaml.CLoader with yaml.SafeLoader/yaml.CSafeLoader:

try:
    from yaml import CSafeLoader as Loader, CSafeDumper as Dumper
except ImportError:
    from yaml import SafeLoader as Loader, SafeDumper as Dumper

AFFECTED VERSIONS
All versions of qface using the unsafe yaml.Loader.

RESEARCHER
Found during automated security assessment.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions