[2026-07-09T21:27:31+00:00] === Nuclio CVE-2026-52831 variant/bypass analysis === [2026-07-09T21:27:31+00:00] Root: /data/pruva/runs/dee90bab-260c-49da-b959-574bad8aee06/bundle [2026-07-09T21:27:31+00:00] Using repository: /data/pruva/project-cache/7182044f-d4bd-4461-bb94-67cc221ed6fc/repo repository=https://github.com/nuclio/nuclio repo_path=/data/pruva/project-cache/7182044f-d4bd-4461-bb94-67cc221ed6fc/repo current_head=3356b86a8bfab3f960aa420310ebff765df9dede submitted_vulnerable_parent=82b9b64ee9bc0c7d99447b5890ef85973fee4e36 fixed_commit=3356b86a8bfab3f960aa420310ebff765df9dede fixed_subject=[Security] Fix cron trigger shell injection (#4139) fixed_date=2026-06-01T10:58:54+03:00 [2026-07-09T21:27:32+00:00] Recording fixed patch stat and relevant source excerpts [2026-07-09T21:27:32+00:00] Scanning target security policy / threat model documents Security/threat-model file scan under repository root: /data/pruva/project-cache/7182044f-d4bd-4461-bb94-67cc221ed6fc/repo/.github/workflows/security_scan.yaml Security/vulnerability text mentions: /data/pruva/project-cache/7182044f-d4bd-4461-bb94-67cc221ed6fc/repo/pkg/platform/kube/functionres/lazy_test.go:1093: "args must not contain /bin/sh — that's the vulnerability") /data/pruva/project-cache/7182044f-d4bd-4461-bb94-67cc221ed6fc/repo/pkg/processor/runtime/shell/runtime_test.go:254: // Simulates the attack described in the vulnerability report: reading a /data/pruva/project-cache/7182044f-d4bd-4461-bb94-67cc221ed6fc/repo/pkg/processor/runtime/shell/runtime_test.go:255: // Kubernetes ServiceAccount token from the filesystem via command injection. [2026-07-09T21:27:32+00:00] Testing vulnerable parent invariant: cron-trigger generation uses /bin/sh -c [2026-07-09T21:27:32+00:00] Testing fixed invariant: no shell, curl exec form, body uses --data-raw [2026-07-09T21:27:32+00:00] Evaluating bounded variant candidates Candidate 1: event.headers key with quote/semicolon shell metacharacters (parent PoC surface). Vulnerable parent: reaches /bin/sh -c via curlCommand string. Fixed commit: rejected as bypass because user header is one argv entry after --header and no shell is present. Covered by lazy_test.go TestCronTriggerExecFormNoShellInjection/header_key_with_quote_does_not_break_shell. Candidate 2: event.body with command substitution $(id) or shell separators. Vulnerable parent: body is written through a shell command prefix, so command substitution is possible in the /bin/sh -c string. Fixed commit: rejected as bypass because body is passed as a literal argv value after --data-raw. Covered by lazy_test.go TestCronTriggerExecFormNoShellInjection/body_with_command_substitution_is_literal. Candidate 3: event.body beginning with @/path to trigger curl file-load semantics after shell removal. Vulnerable parent: old code used --data '@/tmp/eventbody.out' after writing a temp file via shell. Fixed commit: rejected as bypass because it deliberately uses --data-raw, not --data; @ is literal. Covered by lazy_test.go TestCronTriggerExecFormNoShellInjection/body_starting_with_at_is_not_file_load. Candidate 4: event.headers key/value beginning with @/path to trigger curl --header file-load semantics. Fixed commit: curl attempts to read a header file only when the *entire* --header argument starts with @. Nuclio formats the header argv as ': '; a key named '@/etc/passwd' would become '@/etc/passwd: value' and curl errors because that exact filename does not exist. This is option-level file-read behavior, not shell command execution, and no marker command executes. [2026-07-09T21:27:32+00:00] Running local curl argv-semantics probe for Candidate 4 (@ header) curl version: curl 8.18.0 (x86_64-pc-linux-gnu) libcurl/8.18.0 OpenSSL/3.5.5 zlib/1.3.1 brotli/1.2.0 zstd/1.5.7 libidn2/2.3.8 libpsl/0.21.2 libssh2/1.11.1 nghttp2/1.68.0 librtmp/2.3 mit-krb5/1.22.1 OpenLDAP/2.6.10 Probe command: curl --header '@/etc/passwd: marker' http://127.0.0.1:18080/ curl: Failed to open /etc/passwd: marker curl: option --header: error encountered when reading a file curl: try 'curl --help' or 'curl --manual' for more information curl_exit=26 server_log: [2026-07-09T21:27:32+00:00] Curl probe wrapper status: 0 [2026-07-09T21:27:32+00:00] No fixed-version bypass or materially distinct same-root-cause variant was confirmed