{
  "variant_id": "CVE-2026-58138-variant-python-lambda-graaljs",
  "created_at": "2026-07-05T06:45:00Z",
  "variant_summary": "Three alternate triggers (Python evaluator via INLINE, LAMBDA task, graaljs evaluator alias) for CVE-2026-58138's unauthenticated RCE via GraalVM script evaluators. All reproduce on vulnerable 3.22.3; all blocked on fixed 3.30.2. No bypass found. Java.type() bypass attempt also blocked on fixed version.",
  "relation": "newer_version_sibling",
  "origin_kind": "pruva_variant",
  "repository": "conductor-oss/conductor",
  "submitted_target": {
    "target_kind": "docker_image",
    "version": "3.22.3",
    "ref": "v3.22.3",
    "commit_sha": "c969d9b82d4f37e92dffe2fa85da026af32956b3",
    "display": "conductoross/conductor:3.22.3"
  },
  "variant_target": {
    "target_kind": "docker_image",
    "version": "3.30.2",
    "ref": "v3.30.2",
    "commit_sha": "2bea5078f916c0d529cd0f32a55f79425b65a5b8",
    "display": "conductoross/conductor:3.30.2"
  },
  "same_root_cause_confidence": "high",
  "same_surface_confidence": "high",
  "claimed_surface": "api_remote",
  "validated_surface": "api_remote",
  "required_entrypoint_kind": "endpoint",
  "required_entrypoint_detail": "Unauthenticated Conductor REST API: POST /api/metadata/workflow + POST /api/workflow/{name} (no auth). Tested with INLINE+python, LAMBDA+JS, INLINE+graaljs, and INLINE+javascript(Java.type bypass) task types.",
  "attacker_controlled_input": "Unauthenticated workflow definition with INLINE (evaluatorType=python/graaljs/javascript) or LAMBDA task containing a malicious script expression that bootstraps Java reflection/Runtime.exec (JS) or Java interop import (Python).",
  "trigger_path": "POST /api/metadata/workflow (register, no auth) + POST /api/workflow/{name} (start, no auth) -> INLINE/LAMBDA system task evaluates the script expression in a GraalVM Context -> reflective Runtime.exec (JS) or java.lang.Runtime import (Python) -> command stdout returned in GET /api/workflow/{id}?includeTasks=true tasks[].outputData.result",
  "observed_impact_class": "code_execution",
  "exploitability_confidence": "high",
  "evidence_scope": "production_path",
  "runtime_manifest_present": true,
  "end_to_end_target_reached": true,
  "inferred": false,
  "claim_block_reason": "no_bypass_found",
  "blocking_mitigation": "Fix in v3.30.2 (commits 87a7d96 + c691e35): ScriptEvaluator.createNewContext() uses denyAccess for Class/ClassLoader/reflection.*/Runtime/ProcessBuilder/Process/System/Thread/ThreadGroup + allowHostClassLoading(false) + allowCreateProcess(false) + allowIO(IOAccess.NONE) + js.load=false. PythonEvaluator removes allowAllAccess(true), defaulting to GraalVM safe mode. All tested variants (python, lambda, graaljs, Java.type bypass) blocked on fixed version.",
  "file_path": "core/src/main/java/com/netflix/conductor/core/events/ScriptEvaluator.java",
  "line_start": 117,
  "line_end": 145,
  "secondary_anchors": [
    {
      "file_path": "core/src/main/java/com/netflix/conductor/core/execution/evaluators/PythonEvaluator.java",
      "line_start": 32,
      "line_end": 32
    },
    {
      "file_path": "core/src/main/java/com/netflix/conductor/core/execution/tasks/Lambda.java",
      "line_start": 78,
      "line_end": 82
    },
    {
      "file_path": "core/src/main/java/com/netflix/conductor/core/execution/tasks/Inline.java",
      "line_start": 60,
      "line_end": 90
    },
    {
      "file_path": "core/src/main/java/com/netflix/conductor/core/execution/evaluators/GraalJSEvaluator.java",
      "line_start": 50,
      "line_end": 55
    }
  ],
  "review_scope_paths": [
    "core/src/main/java/com/netflix/conductor/core/events/ScriptEvaluator.java",
    "core/src/main/java/com/netflix/conductor/core/execution/evaluators/PythonEvaluator.java",
    "core/src/main/java/com/netflix/conductor/core/execution/evaluators/JavascriptEvaluator.java",
    "core/src/main/java/com/netflix/conductor/core/execution/evaluators/GraalJSEvaluator.java",
    "core/src/main/java/com/netflix/conductor/core/execution/tasks/Inline.java",
    "core/src/main/java/com/netflix/conductor/core/execution/tasks/Lambda.java",
    "core/src/main/java/com/netflix/conductor/core/execution/tasks/DoWhile.java",
    "core/src/main/java/com/netflix/conductor/core/execution/mapper/DecisionTaskMapper.java",
    "core/src/main/java/com/netflix/conductor/core/events/DefaultEventProcessor.java",
    "core/src/main/java/com/netflix/conductor/validations/WorkflowTaskTypeConstraint.java"
  ],
  "artifact_refs": {
    "variant_manifest": "bundle/vuln_variant/variant_manifest.json",
    "validation_verdict": "bundle/vuln_variant/validation_verdict.json",
    "runtime_manifest": "bundle/vuln_variant/runtime_manifest.json",
    "repro_log": "bundle/logs/vuln_variant_steps.log",
    "root_cause_equivalence": "bundle/vuln_variant/root_cause_equivalence.json",
    "reproducer": [
      "bundle/vuln_variant/reproduction_steps.sh",
      "bundle/vuln_variant/variant_exploit.py"
    ]
  }
}
