From 7e2f788d414dc0896127dfb537c2f6638af8c89a Mon Sep 17 00:00:00 2001 From: tomaioo Date: Tue, 23 Jun 2026 17:11:03 -0700 Subject: [PATCH] fix(security): unsafe yaml loading in postprocess_toc_yml.py The code uses yaml.load() without specifying a Loader parameter, which defaults to the unsafe Loader. This can lead to arbitrary code execution if an attacker can control the contents of toc.yml. The yaml.load() function is known to be vulnerable to deserialization attacks when used without a safe loader. Signed-off-by: tomaioo <203048277+tomaioo@users.noreply.github.com> --- ci_scripts/postprocess_toc_yml.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci_scripts/postprocess_toc_yml.py b/ci_scripts/postprocess_toc_yml.py index cda06d31f5fb..580c2d77f579 100644 --- a/ci_scripts/postprocess_toc_yml.py +++ b/ci_scripts/postprocess_toc_yml.py @@ -21,7 +21,7 @@ def rewrite_yml(data): with open("toc.yml", 'r') as stream: try: - data_loaded = yaml.load(stream) + data_loaded = yaml.safe_load(stream) for node in data_loaded: if 'name' in node: if node['name'].startswith('azure.') and node['name'] not in skipped_level2_packages: