GHSA-4FCP-JXH7-23X8: Unbounded YAML Alias Expansion Denial of Service in Dasel

Dasel is a data querying and modification tool that supports multiple data formats, including YAML, JSON, and XML. The vulnerability identified as GHSA-4FCP-JXH7-23X8 resides in the YAML parsing subsystem of the github.com/tomwright/dasel/v3 library. Specifically, the library fails to restrict the expansion of YAML aliases during document deserialization. This architectural oversight permits an attacker to supply a crafted YAML document that induces uncontrolled recursive expansion, leading to complete resource exhaustion.

The flaw manifests as a Denial of Service (DoS) condition via CPU and memory exhaustion. The vulnerability fundamentally stems from the library's custom implementation of the UnmarshalYAML interface. By handling YAML nodes manually, Dasel bypasses the built-in safety mechanisms of the underlying go-yaml v4 library. The underlying parser provides native protections against unbounded alias expansion when deserializing directly into Go data structures, but these protections are voided when interacting with raw abstract syntax tree (AST) nodes.

Exploitation requires no authentication and relies solely on the target application parsing attacker-controlled YAML input. The resulting uncontrolled resource consumption (CWE-400) triggers a rapid allocation of memory and sustained CPU utilization. In environments without strict resource quotas, this behavior reliably invokes the operating system's Out-Of-Memory (OOM) killer, terminating the affected process and causing immediate service degradation.

The YAML specification defines anchors (&) and aliases (*) as a mechanism to duplicate content and reduce document size. A standard YAML parser tracks these references and resolves them during the parsing phase. The go-yaml v4 package provides two distinct methods for processing YAML data: Unmarshal, which parses data directly into strongly typed Go values, and Decode, which parses data into an intermediate yaml.Node representation. The Unmarshal function maintains an internal counter to restrict alias expansion and prevent resource exhaustion.

Dasel utilizes the Decode pathway to interface with its custom parsing logic. The library implements the UnmarshalYAML(*yaml.Node) interface on its internal yamlValue struct. When the go-yaml decoder encounters an implementation of this interface, it delegates the processing of the raw yaml.Node tree to the custom method. In this specific configuration, the AST contains alias nodes that simply hold pointers to their respective anchor nodes, without having undergone the standard expansion process.

Dasel's implementation recursively traverses this AST to reconstruct the document structure. When the traversal logic encounters a yaml.AliasNode, it initiates a recursive call to UnmarshalYAML passing the alias target. The critical failure occurs because Dasel does not propagate an expansion budget or maintain a global resolution counter across these recursive calls. The absence of stateful expansion tracking allows the parser to process geometrically expanding references until system resources are entirely depleted.

The vulnerability exists within the parsing/yaml/yaml_reader.go file. The (*yamlReader).Read method instantiates a new decoder and instructs it to populate a yamlValue instance. This action triggers the (*yamlValue).UnmarshalYAML method, which acts as the primary AST traversal function. The method utilizes a switch statement to process different node types based on their Kind attribute.

The specific vulnerable code path is triggered when the node kind evaluates to yaml.AliasNode. The implementation instantiates a new yamlValue and immediately calls UnmarshalYAML recursively, passing the value.Alias pointer. The exact vulnerable code block from version 3.3.1 (commit fba653c7f248aff10f2b89fca93929b64707dfc8) demonstrates the lack of any boundary checking or depth limitation prior to the recursive invocation.

case yaml.AliasNode:
    newVal := &yamlValue{}
    if err := newVal.UnmarshalYAML(value.Alias); err != nil {
        return err
    }
    yv.value = newVal.value
    yv.value.SetMetadataValue("yaml-alias", value.Value)

The patched version introduces an expansion tracking mechanism. A robust remediation strategy involves maintaining an expansion counter within the parsing context and decrementing it upon each alias resolution. If the counter reaches zero, the function returns a predetermined error, such as "yaml: document contains excessive aliasing". This mechanism ensures that the processing time and memory allocation remain strictly proportional to a configurable upper bound, rather than growing exponentially based on the input structure.

The exploitation methodology leverages a technique commonly referred to as a "Billion Laughs" attack, adapted for the YAML format. The attacker constructs a highly nested payload utilizing a series of anchors and aliases. The initial anchor defines an array of string values. Subsequent anchors define arrays that reference the preceding anchor multiple times. This cascading reference structure creates a geometric progression of node expansions.

a: &a ["lol","lol","lol","lol","lol","lol","lol","lol","lol"]
b: &b [*a,*a,*a,*a,*a,*a,*a,*a,*a]
c: &c [*b,*b,*b,*b,*b,*b,*b,*b,*b]
d: &d [*c,*c,*c,*c,*c,*c,*c,*c,*c]
e: &e [*d,*d,*d,*d,*d,*d,*d,*d,*d]
f: &f [*e,*e,*e,*e,*e,*e,*e,*e,*e]
g: &g [*f,*f,*f,*f,*f,*f,*f,*f,*f]
h: &h [*g,*g,*g,*g,*g,*g,*g,*g,*g]
i: &i [*h,*h,*h,*h,*h,*h,*h,*h,*h]

When Dasel processes this 342-byte payload, the initial level resolves 9 references. The second level resolves 81 references. By the ninth level (i: &i), the parser attempts to resolve 387,420,489 string values in memory. The CPU remains locked in a tight recursive loop, continuously allocating memory for new yamlValue instances. The process exhibits a massive spike in memory utilization within milliseconds of processing the payload.

The attack vector depends entirely on the context in which Dasel is utilized. If used as a command-line interface (CLI) tool, the payload must be supplied via standard input or a local file. This limits the attack surface to scenarios where an administrator or automated script processes untrusted files. However, if the github.com/tomwright/dasel/v3 library is integrated into a network-facing application or API to parse user-supplied configurations, the vulnerability can be triggered remotely.

The primary consequence of this vulnerability is a complete localized Denial of Service. The rapid memory allocation required to instantiate hundreds of millions of yamlValue objects places extreme pressure on the Go garbage collector and the operating system's memory management subsystem. System RAM is quickly exhausted, pushing the operating system into heavy swap utilization and causing severe system-wide degradation.

In containerized environments, the outcome is typically a swift process termination by the OOM killer. If the application automatically restarts, repeated exploitation can trap the service in a crash loop, resulting in persistent downtime. While the attack does not compromise data confidentiality or integrity, the impact on availability is absolute. Applications relying on Dasel for core functionality become completely unresponsive during the attack window.

The CVSS v3.1 vector evaluates to CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, yielding a score of 6.2 (Medium). The Local (AV:L) attack vector reflects the requirement for the payload to be supplied to the Dasel parser, though this effectively becomes Network (AV:N) if the consuming application exposes the parsing endpoint to remote users. The lack of required privileges and user interaction maximizes the exploitability score for the targeted component.

The definitive mitigation for this vulnerability is upgrading the github.com/tomwright/dasel/v3 library to version 3.3.2 or later. The patch introduces internal limits on alias expansion depth and total resolution count, aligning the custom parsing logic with the safety standards established by the underlying go-yaml library. Organizations utilizing Dasel as a standalone binary must replace existing executables with the updated release.

Software engineering teams integrating Dasel as a Go dependency must update their go.mod files to reflect the patched version. Following the update, standard dependency resolution and compilation processes will embed the secure parsing logic. No application-level code modifications are required to accommodate the patch, as the function signatures and public APIs remain unchanged.

In operational environments where immediate patching is prohibited by change management protocols, mitigation requires implementing strict input validation prior to parsing. Network appliances or Web Application Firewalls (WAF) can be configured to reject YAML documents containing excessive occurrences of the anchor (&) and alias (*) syntax characters. Furthermore, enforcing rigid memory limits (e.g., via Docker memory flags or Kubernetes resource quotas) will constrain the blast radius, preventing a single vulnerable process from destabilizing the host system.