# F005 Path Traversal Evidence Pack

Finding: F005
Title: Path traversal in joblib memmapping context_id escapes the temp folder, and normal cleanup deletes the directory outside it
Date UTC: 2026-05-01T10:23:38+00:00

Primary confirmed facts:
- joblib 1.5.3 accepts context_id='../../../victim' through get_memmapping_executor.
- The registered and resolved temp folder path escapes the configured safe_root.
- After set_current_context(payload), memmapping writes .pkl files into the escaped victim directory.
- terminate(kill_workers=True) deletes the escaped victim directory in the lifecycle matrix.
- Normal interpreter shutdown / atexit also deletes the escaped victim directory.
- The live target health endpoint confirmed Python 3.10.20, joblib 1.5.3, and NumPy 2.2.6.
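
As an added, constructed example (not joblib's code and not one of this pack's evidence scripts): the two guards a defender would want around a caller-controlled context_id, a containment check when the temp folder is resolved and the same check again before cleanup deletes it, so that neither the write path nor the terminate/atexit teardown can touch a directory outside the sandbox. The names safe_root, UnsafeContextId and the context id syntax rule are assumptions.

```python
import os
import re
import shutil
import tempfile

# Added, constructed example; not joblib's code. safe_root, the context id
# syntax rule and UnsafeContextId are assumptions for this demonstration.
CONTEXT_ID_RE = re.compile(r"[A-Za-z0-9_-]{1,64}")

class UnsafeContextId(ValueError):
    """Raised when a context id would resolve outside safe_root."""

def escapes_root(safe_root, path):
    """True if path (realpath'd, so '..' and symlinks resolve) escapes safe_root."""
    root = os.path.realpath(safe_root)
    return os.path.commonpath([root, os.path.realpath(path)]) != root

def resolve_context_folder(safe_root, context_id):
    """Absolute temp folder for context_id, or UnsafeContextId. Syntax
    allow-list first, then containment of the resolved path (defence in depth)."""
    if not CONTEXT_ID_RE.fullmatch(context_id):
        raise UnsafeContextId(f"bad context_id syntax: {context_id!r}")
    folder = os.path.join(os.path.realpath(safe_root), context_id)
    if escapes_root(safe_root, folder):
        raise UnsafeContextId(f"context_id escapes safe_root: {context_id!r}")
    return folder

def cleanup_context_folder(safe_root, folder):
    """rmtree folder only if strictly inside safe_root, so teardown (explicit
    terminate or atexit) can never delete a foreign directory."""
    if escapes_root(safe_root, folder) or \
            os.path.realpath(folder) == os.path.realpath(safe_root):
        return False
    shutil.rmtree(folder, ignore_errors=True)
    return True

def demo():
    """Run both guards against the report's payload. Returns
    (payload_rejected, good_id_resolved, victim_preserved, own_folder_removed)."""
    root, victim = tempfile.mkdtemp(), tempfile.mkdtemp()  # victim stands in for the escaped dir
    try:
        resolve_context_folder(root, "../../../victim")
        payload_rejected = False
    except UnsafeContextId:
        payload_rejected = True
    own = resolve_context_folder(root, "ctx-1"); os.makedirs(own)
    victim_preserved = not cleanup_context_folder(root, victim) and os.path.isdir(victim)
    own_removed = cleanup_context_folder(root, own) and not os.path.exists(own)
    shutil.rmtree(root, ignore_errors=True); shutil.rmtree(victim, ignore_errors=True)
    return payload_rejected, own == os.path.join(os.path.realpath(root), "ctx-1"), victim_preserved, own_removed
```

The containment check is applied on the realpath of the candidate, not on the string, so absolute paths and symlinked components are caught as well as `..` segments.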

Important limits:
- This is a local/library API primitive unless a service exposes context_id remotely.
- This evidence does not claim successful HTTP exploitation through ts.01data.ai routes.
- Impact is within the filesystem permissions of the running process.

Key evidence:
- evidence/07_f005_exhaust_lifecycle_matrix_output.txt
- evidence/08_f005_decisive_lifecycle_verdicts.txt
- evidence/09_f005_lifecycle_tail_excerpt.txt
- evidence/03_f005_real_get_memmapping_executor_output.txt
- evidence/05_f005_real_executor_manager_cleanup_output.txt
- source/SOURCE_REFERENCES.md
- raw_http/01_live_health.txt