{
  "repository": "langflow/langflow",
  "commit_source": "git_rev_parse_and_overlay_from_project_cache",
  "commit_sha": "315cc41b43c446bfb0e63d420ca55021f6f8987e",
  "submitted_target": {
    "target_kind": "git_tag_and_installed_package",
    "commit_sha": "322e4908b931a3efe2d65c6a7ad5ec373c5a5e1d",
    "version": "langflow 1.9.3 / lfx 0.4.6",
    "ref": "v1.9.3",
    "display": "Langflow OSS 1.9.3 with vulnerable installed lfx 0.4.6 from the reproduction virtualenv"
  },
  "variant_target": {
    "target_kind": "git_commit_overlay_and_installed_package",
    "commit_sha": "315cc41b43c446bfb0e63d420ca55021f6f8987e",
    "version": "repository HEAD tested by overlaying src/lfx/src/lfx/components/data_source/url.py and src/lfx/src/lfx/utils/ssrf_transport.py into PYTHONPATH; package metadata still reports lfx 0.4.6",
    "ref": "origin/main HEAD",
    "display": "Fixed/latest URLComponent from repository HEAD"
  },
  "notes": "The distinct alternate trigger is confirmed on the vulnerable installed package and blocked on fixed/latest HEAD, so this is not a fixed-version bypass. Exact HEAD identity was captured with git rev-parse HEAD and written to bundle/logs/vuln_variant/latest_version.txt. The repo checkout state was not changed."
}
