Human
Machine
REPRO-2026-00001 HIGH Path Traversal
Verified
Setuptools Path Traversal via PackageIndex.download
setuptools (pip) Jan 7, 2026
What's the vulnerability?
No summary available
Root Cause Analysis
One Command
Verify with pruva-verify
Run the Pruva CLI to automatically fetch and execute the reproduction script.
pruva-verify REPRO-2026-00001 or
pruva-verify GHSA-5rjg-fvgr-3xxf or
pruva-verify CVE-2025-47273 Install:
curl -fsSL https://pruva.dev/install.sh | sh Or Run Manually
1
Download the script
curl -O https://pruva.dev/api/v1/reproductions/REPRO-2026-00001/artifacts/repro/reproduction_steps.sh 2
Make executable
chmod +x reproduction_steps.sh 3
Run the script
./reproduction_steps.sh Run in a VM, container, or disposable environment. This exploits a real vulnerability.
How Pruva Reproduced This
Watch the AI agent's step-by-step process.
Loading session...
Artifacts
repro/rca_report.md4.4 KBrepro/reproduction_steps.sh8.3 KBreproduction_steps.sh0.3 KBlogs/pip_install.log0.0 KBlogs/poc_patched.jsonl0.7 KBlogs/poc_patched.log0.7 KBlogs/poc_vulnerable.jsonl0.4 KBlogs/poc_vulnerable.log0.5 KBlogs/result.json0.2 KBrepro/attempts.txt0.3 KBrepro/patch_analysis.md2.5 KBrepro/poc.py3.3 KBticket.md2.6 KB