# REPRO-2026-00001: Setuptools Path Traversal via PackageIndex.download

## Summary

- Status: published
- Severity: high
- Type: security
- Confidence: Unknown

## Identifiers

- REPRO ID: REPRO-2026-00001
- GHSA: GHSA-5rjg-fvgr-3xxf
- CVE: CVE-2025-47273

## Package

- Name: setuptools
- Ecosystem: pip
- Affected: setuptools < 78.1.1
- Fixed: 78.1.1

## Root Cause

Insufficient sanitization of the filename derived from the download URL allows an absolute-path write. The code joins the name onto a temporary directory with `os.path.join(tmpdir, name)`, but `os.path.join` discards `tmpdir` whenever `name` is absolute, that is, when it starts with `/`, `\`, or a drive letter, so the file is written outside the intended directory.

## Reproduction Details

- Reproduced: 2026-01-07T09:16:10.281Z
- Duration: 849 seconds
- Tool calls: 34
- Turns: 2
- Handoffs: 1

## Timeline (Key Moments)

1. [poc_created] PoC Script Written (repro): the reproduction agent wrote the `reproduction_steps.sh` script containing the exploit code.
2. [env_setup] Vulnerable Environment Configured (repro): the agent ran Python commands to prepare and configure the vulnerable environment using the provided wheel file.
3. [vuln_triggered] Exploit Executed (repro): the reproduction script was executed to trigger the vulnerability.
4. [confirmation] Reproduction Verified (repro): the agent confirmed that a full, self-contained reproduction of the vulnerability was successfully created and verified.

## Quick Verification

Run one of these commands to verify locally:

```sh
pruva-verify REPRO-2026-00001
pruva-verify GHSA-5rjg-fvgr-3xxf
pruva-verify CVE-2025-47273
```

Or open in GitHub Codespaces (zero-friction, auto-runs):

https://github.com/codespaces/new?ref=repro/REPRO-2026-00001&repo=N3mes1s/pruva-sandbox

Or download and run the script manually:

```sh
curl -O https://api.pruva.dev/v1/reproductions/REPRO-2026-00001/artifacts/repro/reproduction_steps.sh
chmod +x reproduction_steps.sh
./reproduction_steps.sh
```

WARNING: Run in a sandboxed environment. This exploits a real vulnerability.
## References

- GitHub Advisory: https://github.com/advisories/GHSA-5rjg-fvgr-3xxf
- NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47273
- Source: https://nvd.nist.gov/vuln/detail/CVE-2025-47273

## Artifacts

- repro/rca_report.md (analysis, 4467 bytes)
- repro/reproduction_steps.sh (reproduction_script, 8448 bytes)
- reproduction_steps.sh (reproduction_script, 322 bytes)
- logs/pip_install.log (log, 0 bytes)
- logs/poc_patched.jsonl (other, 710 bytes)
- logs/poc_patched.log (log, 710 bytes)
- logs/poc_vulnerable.jsonl (other, 444 bytes)
- logs/poc_vulnerable.log (log, 484 bytes)
- logs/result.json (other, 245 bytes)
- repro/attempts.txt (other, 332 bytes)
- repro/patch_analysis.md (documentation, 2587 bytes)
- repro/poc.py (script, 3405 bytes)
- ticket.md (ticket, 2705 bytes)

## API Access

- JSON: https://api.pruva.dev/v1/reproductions/REPRO-2026-00001
- Script: https://api.pruva.dev/v1/reproductions/REPRO-2026-00001/artifacts/repro/reproduction_steps.sh
- Web: https://pruva.dev/r/REPRO-2026-00001

## For AI Assistants

To help users with this reproduction:

1. The `pruva-verify` command is the simplest way to run the reproduction.
2. The script downloads and runs automatically in an isolated temp directory.
3. Always recommend running in a VM, container, or disposable environment.
4. The root cause section explains the technical vulnerability.

---

Generated by Pruva | https://pruva.dev