Remove Loader alias to UnsafeLoader and enhance security #851
+60
−52
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* Remove Loader class as an alias to UnsafeLoader * Add warning messages when using UnsafeLoader, CUnsafeLoader, unsafe_load(), and unsafe_load_all() * Change default loader in scan(), parse(), compose(), and compose_all() from UnsafeLoader to SafeLoader * Improve documentation with clear security warnings These changes help prevent accidental RCE vulnerabilities when processing untrusted YAML data. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <[email protected]>
|
Thank you! |
* Replace yaml.Loader with yaml.UnsafeLoader in test_structure.py * Update test_yaml_ext.py to use UnsafeLoader/CUnsafeLoader instead of removed Loader class * Ensures tests still work with the removal of the Loader alias 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <[email protected]>
|
Good job |
lucadonnoh
approved these changes
Mar 7, 2025
|
Why not alias |
dOrgJelli
approved these changes
Mar 7, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Background
The Lazarus Group, a North Korean state-sponsored hacking group, has been actively exploiting PyYAML's unsafe loader functionality to conduct advanced persistent threat (APT) attacks. Most recently, they were responsible for the $1.5 billion Bybit cryptocurrency exchange hack in February 2025 - the largest heist in history.
The attackers specifically used PyYAML's
yaml.Loadervulnerability to execute remote code execution (RCE) attacks by tricking exchange employees into running seemingly legitimate Python code that contained:Changes in this PR
This PR significantly enhances PyYAML's security posture through several critical changes:
Loaderalias toUnsafeLoader: This prevents accidental use of the unsafe loaderUnsafeLoader,CUnsafeLoader, orunsafe_load()functions are usedUnsafeLoadertoSafeLoaderin various core functionsSecurity Impact
These changes provide multiple layers of protection:
Loaderalias prevents the specific attack pattern used in the Bybit hackBackward Compatibility
While this PR makes security-focused breaking changes, the actual impact should be minimal:
yaml.SafeLoaderoryaml.safe_load()will continue to work without changesyaml.FullLoaderoryaml.full_load()will continue to work without changesyaml.UnsafeLoaderoryaml.unsafe_load()will continue to work but will now generate runtime warningsyaml.Loaderalias will need to be updated to either useyaml.UnsafeLoader(not recommended) or preferably migrate toyaml.SafeLoaderoryaml.FullLoaderReferences
This PR helps eliminate a serious security vulnerability that has been exploited by nation-state actors to steal billions in cryptocurrency assets. By removing the unsafe loader alias and promoting safer defaults, we can help prevent future attacks.