{
  "variant_stage_outcome": "confirmed_bypass",
  "distinct_variant_confirmed": true,
  "bypass_confirmed_on_fixed_version": true,
  "claim_block_reason": null,
  "blocking_mitigation": null,
  "repro_result": "confirmed",
  "validated_surface": "api_remote",
  "evidence_scope": "production_path",
  "tested_vulnerable_version": "3.2.2",
  "tested_fixed_or_latest_version": "3.3.0",
  "fixed_or_latest_is_latest_release": true,
  "claimed_impact_class": "code_execution",
  "observed_impact_class": "code_execution",
  "exploitability_confidence": "high",
  "same_root_cause_confidence": "high",
  "same_surface_confidence": "high",
  "attacker_controlled_input": "serialized DAG field dag.default_args containing AIRFLOW_EXC_SER with exc_cls_name=evil_exception_module.EvilException",
  "trigger_path": "HTTP GET /ui/grid/structure/{dag_id} -> SerializedDagModel.dag -> DagSerialization.from_dict -> BaseSerialization.deserialize(AIRFLOW_EXC_SER) -> import_string(attacker exc_cls_name)",
  "end_to_end_target_reached": true,
  "sanitizer_used": false,
  "crash_observed": false,
  "read_write_primitive_observed": true,
  "exploit_chain_demonstrated": true,
  "variant_vs_parent": "Parent used DAT.BASE_TRIGGER, which is removed/rejected in Airflow 3.3.0. Variant uses the still-present DAT.AIRFLOW_EXC_SER branch and reproduces on Airflow 3.3.0.",
  "evidence": {
    "repro_log": "bundle/logs/vuln_variant/reproduction_steps.log",
    "fixed_attempt_json": "bundle/logs/vuln_variant/airflow_exc_3.3.0_variant.json",
    "fixed_marker": "bundle/vuln_variant/artifacts/airflow_exc_3.3.0_variant/api_server_airflow_exc_marker.txt",
    "runtime_manifest": "bundle/vuln_variant/runtime_manifest.json"
  },
  "inferred": false
}
