SUMMARY
YAML Deserialization Remote Code Execution via Unsafe yaml.Loader in generator.py
SEVERITY
High (CVSS 7.8) — AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
VULNERABLE CODE
File: qface/generator.py, lines 31-35 and 406-415
The FileSystem.load_yaml() method uses the unsafe yaml.Loader (or yaml.CLoader)
to parse YAML documents, allowing arbitrary Python code execution.
Lines 31-35:
try:
from yaml import CLoader as Loader, CDumper as Dumper
except ImportError:
from yaml import Loader, Dumper
Lines 406-415:
@staticmethod
def load_yaml(document: Path, required=False):
...
return yaml.load(document.read_text(), Loader=Loader)
The Loader is the unsafe PyYAML loader that supports !!python/object/apply tags,
allowing arbitrary Python function calls during YAML parsing.
PROOF OF CONCEPT
A malicious YAML file with the following content triggers code execution:
!!python/object/apply:os.system ["echo EXPLOITED"]
When qface processes this file via --rules, os.system() executes:
qface --rules malicious.yaml --target output/
PoC verified locally: yaml.Loader executes os.system() successfully.
yaml.SafeLoader correctly blocks the same payload.
IMPACT
An attacker who can supply a malicious YAML file to qface can execute arbitrary
code with the privileges of the user running qface. Attack vectors include:
- A malicious pull request containing a YAML rule file processed by CI/CD
- A developer cloning a repository that contains a crafted YAML configuration
- Any application using qface as a library and loading YAML from untrusted sources
FIX
Replace yaml.Loader/yaml.CLoader with yaml.SafeLoader/yaml.CSafeLoader:
try:
from yaml import CSafeLoader as Loader, CSafeDumper as Dumper
except ImportError:
from yaml import SafeLoader as Loader, SafeDumper as Dumper
AFFECTED VERSIONS
All versions of qface using the unsafe yaml.Loader.
RESEARCHER
Found during automated security assessment.
SUMMARY
YAML Deserialization Remote Code Execution via Unsafe yaml.Loader in generator.py
SEVERITY
High (CVSS 7.8) — AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
VULNERABLE CODE
File: qface/generator.py, lines 31-35 and 406-415
The FileSystem.load_yaml() method uses the unsafe yaml.Loader (or yaml.CLoader)
to parse YAML documents, allowing arbitrary Python code execution.
Lines 31-35:
Lines 406-415:
The Loader is the unsafe PyYAML loader that supports !!python/object/apply tags,
allowing arbitrary Python function calls during YAML parsing.
PROOF OF CONCEPT
A malicious YAML file with the following content triggers code execution:
When qface processes this file via --rules, os.system() executes:
PoC verified locally: yaml.Loader executes os.system() successfully.
yaml.SafeLoader correctly blocks the same payload.
IMPACT
An attacker who can supply a malicious YAML file to qface can execute arbitrary
code with the privileges of the user running qface. Attack vectors include:
FIX
Replace yaml.Loader/yaml.CLoader with yaml.SafeLoader/yaml.CSafeLoader:
AFFECTED VERSIONS
All versions of qface using the unsafe yaml.Loader.
RESEARCHER
Found during automated security assessment.