{
  "claim_outcome": "confirmed_distinct_variant_not_remote_bypass",
  "claim_block_reason": null,
  "variant_result": "confirmed_on_fixed_version",
  "repro_result": "confirmed",
  "validated_surface": "localhost_debug_agent",
  "evidence_scope": "production_path",
  "claimed_impact_class": "authz_bypass",
  "observed_impact_class": "credential_disclosure",
  "exploitability_confidence": "medium",
  "attacker_controlled_input": "unauthenticated HTTP GET to /debug/pprof/cmdline on the JuiceFS debug agent loopback port 127.0.0.1:6060",
  "trigger_path": "juicefs gateway/mount without --no-agent -> cmd/main.go:336 http.ListenAndServe('127.0.0.1:6060', nil) -> DefaultServeMux -> net/http/pprof /debug/pprof/cmdline -> leaks redis://:s3cr3tPass@127.0.0.1:6379/1 on the FIXED binary (commit a46979cd)",
  "end_to_end_target_reached": true,
  "sanitizer_used": false,
  "crash_observed": false,
  "read_write_primitive_observed": false,
  "exploit_chain_demonstrated": false,
  "blocking_mitigation": "The fix closes the REMOTE pprof surface on the metrics/WebDAV/sync listeners (verified: HTTP 404 on the fixed metrics port). The residual debug-agent exposure is localhost-only (bound to 127.0.0.1, with no flag to bind it remotely) and can be disabled with --no-agent. Remote auth-bypass of the parent CVE is NOT reproduced.",
  "runtime_evidence": {
    "variant_on_fixed": true,
    "vuln_metrics_pprof": "200",
    "vuln_debug_agent_leak": true,
    "fixed_metrics_pprof": "404",
    "fixed_metrics_ok": "200",
    "fixed_debug_agent_leak": true,
    "fixed_debug_port": "6060",
    "fixed_debug_reachability": "loopback_only",
    "fixed_noagent_result": "disabled",
    "leaked_secret": "s3cr3tPass",
    "leaked_url": "redis://:s3cr3tPass@127.0.0.1:6379/1"
  },
  "verdict_explanation": "A distinct variant of the same root cause (DefaultServeMux + net/http/pprof import + HTTP server started with a nil handler) is confirmed on the FIXED commit a46979cd: the debug agent (cmd/main.go:336) and the Java SDK debug agent (sdk/java/libjfs/main.go:573) were not converted to dedicated muxes and still serve /debug/pprof/cmdline, which returns the process command line and so discloses the metadata credentials embedded in it on 127.0.0.1:6060. This is NOT a remote bypass of the parent CVE (the remote metrics/WebDAV/sync surfaces are correctly closed); it is a localhost-only fix-coverage gap, reachable by a co-located local user or through SSRF, and it can be disabled with --no-agent.",
  "inferred": false
}
