Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    2 vulnerabilities found for Service Telemetry Framework 1.5 by Red Hat

    CVE-2026-11332 (GCVE-0-2026-11332)

    Vulnerability from nvd – Published: 2026-06-05 08:21 – Updated: 2026-07-10 14:50
    VLAI
    Title
    Ansible-core: argument injection in ansible-galaxy role install leads to arbitrary code execution
    Summary
    A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field. This allows arbitrary code execution on the machine of a user who installs the role via ansible-galaxy role install.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Red Hat Migration Toolkit for Applications 8     cpe:/a:redhat:migration_toolkit_applications:8
    Create a notification for this product.
    Red Hat Migration Toolkit for Virtualization     cpe:/a:redhat:migration_toolkit_virtualization:2
    Create a notification for this product.
    Red Hat OpenShift Service Mesh 3     cpe:/a:redhat:service_mesh:3
    Create a notification for this product.
    Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
    Create a notification for this product.
    Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
    Create a notification for this product.
    Red Hat Red Hat Ansible Automation Platform Ansible Core 2     cpe:/a:redhat:ansible_core:2
    Create a notification for this product.
    Red Hat Red Hat Discovery 2     cpe:/a:redhat:discovery:2::el9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Red Hat Self-service automation portal 2     cpe:/a:redhat:ansible_portal:2
    Create a notification for this product.
    Red Hat Service Telemetry Framework 1.5     cpe:/a:redhat:stf:1.5
    Create a notification for this product.
    Date Public
    2026-06-05 07:12
    Credits
    Red Hat would like to thank Tommaso Bona for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-11332",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-05T15:43:53.403669Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-05T15:44:02.924Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:ansible_automation_platform:2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ansible Automation Platform 2",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-06-05T07:12:55.739Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role\u0027s meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field. This allows arbitrary code execution on the machine of a user who installs the role via ansible-galaxy role install."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-88",
                    "description": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:06:55.264Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-11332"
              },
              {
                "name": "RHBZ#2485379",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2485379"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-11332.json"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-04-14T00:00:00.000Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-06-05T07:12:55.739Z",
                "value": "Made public."
              }
            ],
            "title": "ansible-core: argument injection in ansible-galaxy role install leads to arbitrary code execution",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:migration_toolkit_applications:8"
              ],
              "defaultStatus": "unknown",
              "packageName": "mta/mta-rhel9-operator",
              "product": "Migration Toolkit for Applications 8",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:migration_toolkit_virtualization:2"
              ],
              "defaultStatus": "unknown",
              "packageName": "migration-toolkit-virtualization/mtv-rhel9-operator",
              "product": "Migration Toolkit for Virtualization",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:migration_toolkit_virtualization:2"
              ],
              "defaultStatus": "unknown",
              "packageName": "mtv-candidate/mtv-rhel9-operator",
              "product": "Migration Toolkit for Virtualization",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:service_mesh:3"
              ],
              "defaultStatus": "unknown",
              "packageName": "openshift-service-mesh/kiali-rhel9-operator",
              "product": "OpenShift Service Mesh 3",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:acm:2"
              ],
              "defaultStatus": "unknown",
              "packageName": "rhacm2/volsync-operator-bundle",
              "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:acm:2"
              ],
              "defaultStatus": "unknown",
              "packageName": "rhacm2/volsync-rhel9",
              "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-24/lightspeed-rhel8",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-25/lightspeed-rhel8",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/controller-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/de-minimal-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/de-supported-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/eda-controller-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/eda-controller-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/ee-minimal-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/ee-supported-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/gateway-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/hub-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/hub-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/lightspeed-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/lightspeed-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/platform-resource-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/platform-resource-runner-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/aap-cloud-billing-operator-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/controller-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/de-minimal-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/de-supported-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/eda-controller-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/eda-controller-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/ee-minimal-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/ee-supported-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/gateway-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/hub-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/hub-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/lightspeed-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/lightspeed-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/metrics-service-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/platform-resource-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/platform-resource-runner-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-tech-preview/ansible-devspaces-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-tech-preview/metrics-service-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-core",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_core:2"
              ],
              "defaultStatus": "unknown",
              "packageName": "ansible-automation-platform/ee-minimal-rhel8",
              "product": "Red Hat Ansible Automation Platform Ansible Core 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_core:2"
              ],
              "defaultStatus": "unknown",
              "packageName": "ansible-automation-platform/ee-minimal-rhel9",
              "product": "Red Hat Ansible Automation Platform Ansible Core 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_core:2"
              ],
              "defaultStatus": "unknown",
              "packageName": "ansible-automation-platform-tech-preview/ee-minimal-rhel8",
              "product": "Red Hat Ansible Automation Platform Ansible Core 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_core:2"
              ],
              "defaultStatus": "unknown",
              "packageName": "ansible-automation-platform-tech-preview/ee-minimal-rhel9",
              "product": "Red Hat Ansible Automation Platform Ansible Core 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:discovery:2::el9"
              ],
              "defaultStatus": "unknown",
              "packageName": "discovery/discovery-server-rhel9",
              "product": "Red Hat Discovery 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-core",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-core",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-core",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:openshift:4"
              ],
              "defaultStatus": "unknown",
              "packageName": "openshift4/ose-ansible-rhel9-operator",
              "product": "Red Hat OpenShift Container Platform 4",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "ansible-core",
              "product": "Red Hat Satellite 6",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_portal:2"
              ],
              "defaultStatus": "unknown",
              "packageName": "ansible-automation-platform/bootc-automation-portal-rhel9",
              "product": "Self-service automation portal 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:stf:1.5"
              ],
              "defaultStatus": "unknown",
              "packageName": "stf/service-telemetry-rhel9-operator",
              "product": "Service Telemetry Framework 1.5",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:stf:1.5"
              ],
              "defaultStatus": "unknown",
              "packageName": "stf/smart-gateway-rhel9-operator",
              "product": "Service Telemetry Framework 1.5",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Tommaso Bona for reporting this issue."
            }
          ],
          "datePublic": "2026-06-05T07:12:55.739Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role\u0027s meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field. This allows arbitrary code execution on the machine of a user who installs the role via ansible-galaxy role install."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-88",
                  "description": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-10T14:50:00.170Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-11332"
            },
            {
              "name": "RHBZ#2485379",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2485379"
            },
            {
              "url": "https://github.com/ansible/ansible"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-04-14T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-06-05T07:12:55.739Z",
              "value": "Made public."
            }
          ],
          "title": "Ansible-core: argument injection in ansible-galaxy role install leads to arbitrary code execution",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-88: Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-11332",
        "datePublished": "2026-06-05T08:21:43.027Z",
        "dateReserved": "2026-06-05T07:58:25.632Z",
        "dateUpdated": "2026-07-10T14:50:00.170Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-11332 (GCVE-0-2026-11332)

    Vulnerability from cvelistv5 – Published: 2026-06-05 08:21 – Updated: 2026-07-10 14:50
    VLAI
    Title
    Ansible-core: argument injection in ansible-galaxy role install leads to arbitrary code execution
    Summary
    A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field. This allows arbitrary code execution on the machine of a user who installs the role via ansible-galaxy role install.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Red Hat Migration Toolkit for Applications 8     cpe:/a:redhat:migration_toolkit_applications:8
    Create a notification for this product.
    Red Hat Migration Toolkit for Virtualization     cpe:/a:redhat:migration_toolkit_virtualization:2
    Create a notification for this product.
    Red Hat OpenShift Service Mesh 3     cpe:/a:redhat:service_mesh:3
    Create a notification for this product.
    Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
    Create a notification for this product.
    Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
    Create a notification for this product.
    Red Hat Red Hat Ansible Automation Platform Ansible Core 2     cpe:/a:redhat:ansible_core:2
    Create a notification for this product.
    Red Hat Red Hat Discovery 2     cpe:/a:redhat:discovery:2::el9
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
    Create a notification for this product.
    Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
    Create a notification for this product.
    Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
    Create a notification for this product.
    Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
    Create a notification for this product.
    Red Hat Self-service automation portal 2     cpe:/a:redhat:ansible_portal:2
    Create a notification for this product.
    Red Hat Service Telemetry Framework 1.5     cpe:/a:redhat:stf:1.5
    Create a notification for this product.
    Date Public
    2026-06-05 07:12
    Credits
    Red Hat would like to thank Tommaso Bona for reporting this issue.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-11332",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-05T15:43:53.403669Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-05T15:44:02.924Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:ansible_automation_platform:2"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Ansible Automation Platform 2",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-06-05T07:12:55.739Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role\u0027s meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field. This allows arbitrary code execution on the machine of a user who installs the role via ansible-galaxy role install."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-88",
                    "description": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T12:06:55.264Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-11332"
              },
              {
                "name": "RHBZ#2485379",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2485379"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-11332.json"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-04-14T00:00:00.000Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-06-05T07:12:55.739Z",
                "value": "Made public."
              }
            ],
            "title": "ansible-core: argument injection in ansible-galaxy role install leads to arbitrary code execution",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:migration_toolkit_applications:8"
              ],
              "defaultStatus": "unknown",
              "packageName": "mta/mta-rhel9-operator",
              "product": "Migration Toolkit for Applications 8",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:migration_toolkit_virtualization:2"
              ],
              "defaultStatus": "unknown",
              "packageName": "migration-toolkit-virtualization/mtv-rhel9-operator",
              "product": "Migration Toolkit for Virtualization",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:migration_toolkit_virtualization:2"
              ],
              "defaultStatus": "unknown",
              "packageName": "mtv-candidate/mtv-rhel9-operator",
              "product": "Migration Toolkit for Virtualization",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:service_mesh:3"
              ],
              "defaultStatus": "unknown",
              "packageName": "openshift-service-mesh/kiali-rhel9-operator",
              "product": "OpenShift Service Mesh 3",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:acm:2"
              ],
              "defaultStatus": "unknown",
              "packageName": "rhacm2/volsync-operator-bundle",
              "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:acm:2"
              ],
              "defaultStatus": "unknown",
              "packageName": "rhacm2/volsync-rhel9",
              "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-24/lightspeed-rhel8",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-25/lightspeed-rhel8",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/controller-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/de-minimal-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/de-supported-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/eda-controller-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/eda-controller-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/ee-minimal-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/ee-supported-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/gateway-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/hub-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/hub-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/lightspeed-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/lightspeed-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/platform-resource-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-26/platform-resource-runner-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/aap-cloud-billing-operator-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/controller-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/de-minimal-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/de-supported-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/eda-controller-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/eda-controller-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/ee-minimal-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/ee-supported-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/gateway-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/hub-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/hub-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/lightspeed-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/lightspeed-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/metrics-service-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/platform-resource-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-27/platform-resource-runner-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-tech-preview/ansible-devspaces-rhel9",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-automation-platform-tech-preview/metrics-service-rhel9-operator",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_automation_platform:2"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-core",
              "product": "Red Hat Ansible Automation Platform 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_core:2"
              ],
              "defaultStatus": "unknown",
              "packageName": "ansible-automation-platform/ee-minimal-rhel8",
              "product": "Red Hat Ansible Automation Platform Ansible Core 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_core:2"
              ],
              "defaultStatus": "unknown",
              "packageName": "ansible-automation-platform/ee-minimal-rhel9",
              "product": "Red Hat Ansible Automation Platform Ansible Core 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_core:2"
              ],
              "defaultStatus": "unknown",
              "packageName": "ansible-automation-platform-tech-preview/ee-minimal-rhel8",
              "product": "Red Hat Ansible Automation Platform Ansible Core 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_core:2"
              ],
              "defaultStatus": "unknown",
              "packageName": "ansible-automation-platform-tech-preview/ee-minimal-rhel9",
              "product": "Red Hat Ansible Automation Platform Ansible Core 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:discovery:2::el9"
              ],
              "defaultStatus": "unknown",
              "packageName": "discovery/discovery-server-rhel9",
              "product": "Red Hat Discovery 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:10"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-core",
              "product": "Red Hat Enterprise Linux 10",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:8"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-core",
              "product": "Red Hat Enterprise Linux 8",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/o:redhat:enterprise_linux:9"
              ],
              "defaultStatus": "affected",
              "packageName": "ansible-core",
              "product": "Red Hat Enterprise Linux 9",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:openshift:4"
              ],
              "defaultStatus": "unknown",
              "packageName": "openshift4/ose-ansible-rhel9-operator",
              "product": "Red Hat OpenShift Container Platform 4",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:satellite:6"
              ],
              "defaultStatus": "unknown",
              "packageName": "ansible-core",
              "product": "Red Hat Satellite 6",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:ansible_portal:2"
              ],
              "defaultStatus": "unknown",
              "packageName": "ansible-automation-platform/bootc-automation-portal-rhel9",
              "product": "Self-service automation portal 2",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:stf:1.5"
              ],
              "defaultStatus": "unknown",
              "packageName": "stf/service-telemetry-rhel9-operator",
              "product": "Service Telemetry Framework 1.5",
              "vendor": "Red Hat"
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:stf:1.5"
              ],
              "defaultStatus": "unknown",
              "packageName": "stf/smart-gateway-rhel9-operator",
              "product": "Service Telemetry Framework 1.5",
              "vendor": "Red Hat"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Red Hat would like to thank Tommaso Bona for reporting this issue."
            }
          ],
          "datePublic": "2026-06-05T07:12:55.739Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role\u0027s meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field. This allows arbitrary code execution on the machine of a user who installs the role via ansible-galaxy role install."
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Important"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-88",
                  "description": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-10T14:50:00.170Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2026-11332"
            },
            {
              "name": "RHBZ#2485379",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2485379"
            },
            {
              "url": "https://github.com/ansible/ansible"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-04-14T00:00:00.000Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2026-06-05T07:12:55.739Z",
              "value": "Made public."
            }
          ],
          "title": "Ansible-core: argument injection in ansible-galaxy role install leads to arbitrary code execution",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-88: Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2026-11332",
        "datePublished": "2026-06-05T08:21:43.027Z",
        "dateReserved": "2026-06-05T07:58:25.632Z",
        "dateUpdated": "2026-07-10T14:50:00.170Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }