Summary
policyengine-core uses unsafe PyYAML loaders for parameter loading.
Severity
High
Impact
Attacker-controlled parameter repos, extensions, or imported YAML files can construct arbitrary Python objects at load time rather than plain data structures.
Affected code
policyengine_core/parameters/config.py:9-32policyengine_core/parameters/helpers.py:43-46
Details
config.Loader is bound to yaml.CLoader/yaml.Loader, and _load_yaml_file() uses config.yaml.load(..., Loader=config.Loader). That is not a safe loader path.
Expected behavior
Parameter YAML should be parsed with a safe loader that only permits primitive data structures and the explicitly required custom constructors.
Suggested remediation
- Switch to
yaml.CSafeLoader/yaml.SafeLoader
- Re-register only the required custom constructors on the safe loader
- Add regression tests that reject object tags such as
!!python/object/apply
Summary
policyengine-coreuses unsafe PyYAML loaders for parameter loading.Severity
High
Impact
Attacker-controlled parameter repos, extensions, or imported YAML files can construct arbitrary Python objects at load time rather than plain data structures.
Affected code
policyengine_core/parameters/config.py:9-32policyengine_core/parameters/helpers.py:43-46Details
config.Loaderis bound toyaml.CLoader/yaml.Loader, and_load_yaml_file()usesconfig.yaml.load(..., Loader=config.Loader). That is not a safe loader path.Expected behavior
Parameter YAML should be parsed with a safe loader that only permits primitive data structures and the explicitly required custom constructors.
Suggested remediation
yaml.CSafeLoader/yaml.SafeLoader!!python/object/apply