Vulnerability-Lookup

CVE-2024-11079 (GCVE-0-2024-11079)

Vulnerability from cvelistv5 – Published: 2024-11-11 23:32 – Updated: 2026-03-18 01:33

Title

Ansible-core: unsafe tagging bypass via hostvars object in ansible-core

Summary

A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playbooks.

Severity

5.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L

CWE

CWE-20 - Improper Input Validation

Assigner

redhat

References

4 references

URL	Tags
https://access.redhat.com/errata/RHSA-2024:10770	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:11145	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-11079	vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2325171	issue-trackingx_refsource_REDHAT

Impacted products

11 products

Vendor	Product	Version
		Affected: 0 , ≤ 2.18.0 (semver)
Red Hat	Ansible Automation Platform Execution Environments	Unaffected: 3.0.1-107 , < * (rpm) cpe:/a:redhat:ansible_core:2::el8 cpe:/a:redhat:ansible_core:2::el9
Red Hat	Ansible Automation Platform Execution Environments	Unaffected: 3.0.1-108 , < * (rpm) cpe:/a:redhat:ansible_core:2::el8 cpe:/a:redhat:ansible_core:2::el9
Red Hat	Ansible Automation Platform Execution Environments	Unaffected: 2.9.27-34 , < * (rpm) cpe:/a:redhat:ansible_core:2::el8 cpe:/a:redhat:ansible_core:2::el9
Red Hat	Ansible Automation Platform Execution Environments	Unaffected: 2.17.7-1 , < * (rpm) cpe:/a:redhat:ansible_core:2::el8 cpe:/a:redhat:ansible_core:2::el9
Red Hat	Ansible Automation Platform Execution Environments	Unaffected: 2.16.14-2 , < * (rpm) cpe:/a:redhat:ansible_core:2::el8 cpe:/a:redhat:ansible_core:2::el9
Red Hat	Red Hat Ansible Automation Platform 2.5 for RHEL 8	Unaffected: 1:2.16.14-1.el8ap , < * (rpm) cpe:/a:redhat:ansible_automation_platform:2.5::el9 cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8 cpe:/a:redhat:ansible_automation_platform:2.5::el8 cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9 cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8 cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9
Red Hat	Red Hat Ansible Automation Platform 2.5 for RHEL 9	Unaffected: 1:2.16.14-1.el9ap , < * (rpm) cpe:/a:redhat:ansible_automation_platform:2.5::el9 cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8 cpe:/a:redhat:ansible_automation_platform:2.5::el8 cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9 cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8 cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9
Red Hat	Red Hat Enterprise Linux 10	cpe:/o:redhat:enterprise_linux:10
Red Hat	Red Hat Enterprise Linux AI (RHEL AI)	cpe:/a:redhat:enterprise_linux_ai:1
Red Hat	Red Hat Enterprise Linux AI (RHEL AI)	cpe:/a:redhat:enterprise_linux_ai:1

Date Public

2024-11-11 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-11079",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-12T14:41:52.352926Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-12T14:42:14.546Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2026-03-18T01:33:55.730Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2026/03/msg00006.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/ansible/ansible",
          "defaultStatus": "unaffected",
          "packageName": "ansible-core",
          "versions": [
            {
              "lessThanOrEqual": "2.18.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ansible_core:2::el8",
            "cpe:/a:redhat:ansible_core:2::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform/ansible-builder-rhel8",
          "product": "Ansible Automation Platform Execution Environments",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.0.1-107",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ansible_core:2::el8",
            "cpe:/a:redhat:ansible_core:2::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform/ansible-builder-rhel9",
          "product": "Ansible Automation Platform Execution Environments",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.0.1-108",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ansible_core:2::el8",
            "cpe:/a:redhat:ansible_core:2::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform/ee-29-rhel8",
          "product": "Ansible Automation Platform Execution Environments",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2.9.27-34",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ansible_core:2::el8",
            "cpe:/a:redhat:ansible_core:2::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform/ee-minimal-rhel8",
          "product": "Ansible Automation Platform Execution Environments",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2.17.7-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ansible_core:2::el8",
            "cpe:/a:redhat:ansible_core:2::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform/ee-minimal-rhel9",
          "product": "Ansible Automation Platform Execution Environments",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2.16.14-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-core",
          "product": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.16.14-1.el8ap",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-core",
          "product": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.16.14-1.el9ap",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "ansible-core",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux_ai:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhelai1/bootc-azure-nvidia-rhel9",
          "product": "Red Hat Enterprise Linux AI (RHEL AI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux_ai:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhelai1/bootc-nvidia-rhel9",
          "product": "Red Hat Enterprise Linux AI (RHEL AI)",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-11-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playbooks."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-20T18:21:35.335Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:10770",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:10770"
        },
        {
          "name": "RHSA-2024:11145",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:11145"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-11079"
        },
        {
          "name": "RHBZ#2325171",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325171"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-11-11T11:43:42.603Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-11-11T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Ansible-core: unsafe tagging bypass via hostvars object in ansible-core",
      "workarounds": [
        {
          "lang": "en",
          "value": "To mitigate this vulnerability, avoid using the hostvars object to reference content marked as !unsafe. Ensure that all remote data from modules or lookups is properly sanitized and validated before use in playbooks. Additionally, restrict access to inventory files and Ansible playbooks to trusted users to minimize exploitation risks."
        }
      ],
      "x_redhatCweChain": "CWE-20: Improper Input Validation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-11079",
    "datePublished": "2024-11-11T23:32:55.539Z",
    "dateReserved": "2024-11-11T11:57:21.806Z",
    "dateUpdated": "2026-03-18T01:33:55.730Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2024-11079",
      "date": "2026-05-26",
      "epss": "0.00024",
      "percentile": "0.07093"
    },
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playbooks.\"}, {\"lang\": \"es\", \"value\": \"Se encontr\\u00f3 una falla en Ansible-Core. Esta vulnerabilidad permite a los atacantes eludir las protecciones de contenido inseguro mediante el objeto hostvars para hacer referencia y ejecutar contenido con plantilla. Este problema puede provocar la ejecuci\\u00f3n de c\\u00f3digo arbitrario si los datos remotos o las salidas de m\\u00f3dulos tienen plantillas incorrectas dentro de los playbooks.\"}]",
      "id": "CVE-2024-11079",
      "lastModified": "2024-12-18T04:15:06.310",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 1.3, \"impactScore\": 3.7}]}",
      "published": "2024-11-12T00:15:15.543",
      "references": "[{\"url\": \"https://access.redhat.com/errata/RHSA-2024:10770\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:11145\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2024-11079\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2325171\", \"source\": \"secalert@redhat.com\"}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Awaiting Analysis",
      "weaknesses": "[{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-11079\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2024-11-12T00:15:15.543\",\"lastModified\":\"2026-03-18T02:16:18.017\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playbooks.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una falla en Ansible-Core. Esta vulnerabilidad permite a los atacantes eludir las protecciones de contenido inseguro mediante el objeto hostvars para hacer referencia y ejecutar contenido con plantilla. Este problema puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario si los datos remotos o las salidas de m\u00f3dulos tienen plantillas incorrectas dentro de los playbooks.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":1.3,\"impactScore\":3.7}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2024:10770\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:11145\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2024-11079\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2325171\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2026/03/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.debian.org/debian-lts-announce/2026/03/msg00006.html\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2026-03-18T01:33:55.730Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-11079\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-12T14:41:52.352926Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-12T14:42:08.396Z\"}}], \"cna\": {\"title\": \"Ansible-core: unsafe tagging bypass via hostvars object in ansible-core\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Moderate\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"2.18.0\"}], \"packageName\": \"ansible-core\", \"collectionURL\": \"https://github.com/ansible/ansible\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_core:2::el8\", \"cpe:/a:redhat:ansible_core:2::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Ansible Automation Platform Execution Environments\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"3.0.1-107\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"ansible-automation-platform/ansible-builder-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_core:2::el8\", \"cpe:/a:redhat:ansible_core:2::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Ansible Automation Platform Execution Environments\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"3.0.1-108\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"ansible-automation-platform/ansible-builder-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_core:2::el8\", \"cpe:/a:redhat:ansible_core:2::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Ansible Automation Platform Execution Environments\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"2.9.27-34\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"ansible-automation-platform/ee-29-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_core:2::el8\", \"cpe:/a:redhat:ansible_core:2::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Ansible Automation Platform Execution Environments\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"2.17.7-1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"ansible-automation-platform/ee-minimal-rhel8\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_core:2::el8\", \"cpe:/a:redhat:ansible_core:2::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Ansible Automation Platform Execution Environments\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"2.16.14-2\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"ansible-automation-platform/ee-minimal-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform:2.5::el9\", \"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8\", \"cpe:/a:redhat:ansible_automation_platform:2.5::el8\", \"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9\", \"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8\", \"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2.5 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1:2.16.14-1.el8ap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"ansible-core\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform:2.5::el9\", \"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8\", \"cpe:/a:redhat:ansible_automation_platform:2.5::el8\", \"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9\", \"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8\", \"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2.5 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1:2.16.14-1.el9ap\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"ansible-core\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"packageName\": \"ansible-core\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_ai:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AI (RHEL AI)\", \"packageName\": \"rhelai1/bootc-azure-nvidia-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_ai:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AI (RHEL AI)\", \"packageName\": \"rhelai1/bootc-nvidia-rhel9\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-11-11T11:43:42.603Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2024-11-11T00:00:00.000Z\", \"value\": \"Made public.\"}], \"datePublic\": \"2024-11-11T00:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2024:10770\", \"name\": \"RHSA-2024:10770\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2024:11145\", \"name\": \"RHSA-2024:11145\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2024-11079\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2325171\", \"name\": \"RHBZ#2325171\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"To mitigate this vulnerability, avoid using the hostvars object to reference content marked as !unsafe. Ensure that all remote data from modules or lookups is properly sanitized and validated before use in playbooks. Additionally, restrict access to inventory files and Ansible playbooks to trusted users to minimize exploitation risks.\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playbooks.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"Improper Input Validation\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2025-11-20T18:21:35.335Z\"}, \"x_redhatCweChain\": \"CWE-20: Improper Input Validation\"}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-11079\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-18T01:33:55.730Z\", \"dateReserved\": \"2024-11-11T11:57:21.806Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2024-11-11T23:32:55.539Z\", \"assignerShortName\": \"redhat\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

BDU:2025-09015

Vulnerability from fstec - Published: 11.11.2024

Title

Уязвимость системы управления конфигурациями Ansible, связанная с неправильной проверкой входных данных, позволяющая нарушителю обойти существующие ограничения безопасности

Description

Уязвимость системы управления конфигурациями Ansible связана с неправильной проверкой входных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, обойти существующие ограничения безопасности

Severity


                    
                      AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L

Vendor

Novell Inc., Сообщество свободного программного обеспечения, ООО «Ред Софт», ООО «РусБИТех-Астра», Red Hat Inc., Ansible

Software Name

openSUSE Tumbleweed, Debian GNU/Linux, РЕД ОС (запись в едином реестре российских программ №3751), Astra Linux Special Edition (запись в едином реестре российских программ №369), Red Hat Enterprise Linux AI, Red Hat Enterprise Linux, Ansible Engine, Ansible Automation Platform Execution Environments, Ansible Automation Platform

Software Version

- (openSUSE Tumbleweed), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 7.3 (РЕД ОС), 1.8 (Astra Linux Special Edition), - (Red Hat Enterprise Linux AI), 10 (Red Hat Enterprise Linux), до 2.16.14 rc1 (Ansible Engine), от 2.17.0b1 до 2.17.7 rc1 (Ansible Engine), от 2.18.0b1 до 2.18.1rc1 (Ansible Engine), - (Ansible Automation Platform Execution Environments), 2.5 for RHEL 8 (Ansible Automation Platform), 2.5 for RHEL 9 (Ansible Automation Platform), 3.8 (Astra Linux Special Edition)

Possible Mitigations

В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года. Использование рекомендаций: Для Ansible: https://access.redhat.com/errata/RHSA-2024:10770 https://access.redhat.com/errata/RHSA-2024:11145 https://access.redhat.com/security/cve/CVE-2024-11079 https://bugzilla.redhat.com/show_bug.cgi?id=2325171 Для РедОС: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/ Для программных продуктов Red Hat Inc.: https://access.redhat.com/security/cve/cve-2024-11079 Для Debian GNU/Linux: https://security-tracker.debian.org/tracker/CVE-2024-11079 Для программных продуктов Novell Inc.: https://www.suse.com/security/cve/CVE-2024-11079.html Для ОС Astra Linux: обновить пакет ansible-core до 2.18.3-1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18 Для ОС Astra Linux: обновить пакет ansible-core до 2.18.3-1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se38-bulletin-2026-0126SE38 Для ОС Astra Linux: обновить пакет ansible-core до 2.18.3-1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se38-bulletin-2026-0126SE38

Reference

https://access.redhat.com/errata/RHSA-2024:10770 https://access.redhat.com/errata/RHSA-2024:11145 https://access.redhat.com/security/cve/CVE-2024-11079 https://bugzilla.redhat.com/show_bug.cgi?id=2325171 https://github.com/advisories/GHSA-99w6-3xph-cx78 https://redos.red-soft.ru/support/secure/ https://access.redhat.com/security/cve/cve-2024-11079 https://security-tracker.debian.org/tracker/CVE-2024-11079 https://www.suse.com/security/cve/CVE-2024-11079.html https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18 https://wiki.astralinux.ru/astra-linux-se38-bulletin-2026-0126SE38 https://wiki.astralinux.ru/astra-linux-se38-bulletin-2026-0126SE38

CWE

CWE-20

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:H/Au:S/C:P/I:P/A:P",
  "CVSS 3.0": "AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Novell Inc., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Red Hat Inc., Ansible",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "- (openSUSE Tumbleweed), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 7.3 (\u0420\u0415\u0414 \u041e\u0421), 1.8 (Astra Linux Special Edition), - (Red Hat Enterprise Linux AI), 10 (Red Hat Enterprise Linux), \u0434\u043e 2.16.14 rc1 (Ansible Engine), \u043e\u0442 2.17.0b1 \u0434\u043e 2.17.7 rc1 (Ansible Engine), \u043e\u0442 2.18.0b1 \u0434\u043e 2.18.1rc1 (Ansible Engine), - (Ansible Automation Platform Execution Environments), 2.5 for RHEL 8 (Ansible Automation Platform), 2.5 for RHEL 9 (Ansible Automation Platform), 3.8 (Astra Linux Special Edition)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Ansible:\nhttps://access.redhat.com/errata/RHSA-2024:10770\t\nhttps://access.redhat.com/errata/RHSA-2024:11145\t\nhttps://access.redhat.com/security/cve/CVE-2024-11079\t\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2325171\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/cve-2024-11079\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2024-11079\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://www.suse.com/security/cve/CVE-2024-11079.html\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 ansible-core \u0434\u043e 2.18.3-1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 ansible-core \u0434\u043e 2.18.3-1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se38-bulletin-2026-0126SE38\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 ansible-core \u0434\u043e 2.18.3-1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se38-bulletin-2026-0126SE38",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "11.11.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "16.02.2026",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "28.07.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-09015",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2024-11079",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "openSUSE Tumbleweed, Debian GNU/Linux, \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Red Hat Enterprise Linux AI, Red Hat Enterprise Linux, Ansible Engine, Ansible Automation Platform Execution Environments, Ansible Automation Platform",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Novell Inc. openSUSE Tumbleweed - , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 12 , \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.8  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Red Hat Inc. Red Hat Enterprise Linux AI - , Red Hat Inc. Red Hat Enterprise Linux 10 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 3.8  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u043c\u0438 Ansible, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u0431\u043e\u0439\u0442\u0438 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u043c\u0438 Ansible \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043e\u0431\u043e\u0439\u0442\u0438 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://access.redhat.com/errata/RHSA-2024:10770\nhttps://access.redhat.com/errata/RHSA-2024:11145\nhttps://access.redhat.com/security/cve/CVE-2024-11079\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2325171\nhttps://github.com/advisories/GHSA-99w6-3xph-cx78\nhttps://redos.red-soft.ru/support/secure/\nhttps://access.redhat.com/security/cve/cve-2024-11079\nhttps://security-tracker.debian.org/tracker/CVE-2024-11079\nhttps://www.suse.com/security/cve/CVE-2024-11079.html\nhttps://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18\nhttps://wiki.astralinux.ru/astra-linux-se38-bulletin-2026-0126SE38\nhttps://wiki.astralinux.ru/astra-linux-se38-bulletin-2026-0126SE38",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,6)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)"
}

CERTFR-2026-AVI-0627

Vulnerability from certfr_avis - Published: 2026-05-21 - Updated: 2026-05-21

De multiples vulnérabilités ont été découvertes dans les produits Splunk. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Splunk	Splunk Enterprise	Splunk Enterprise versions 10.2.x antérieures à 10.2.3
Splunk	N/A	Splunk AI Toolkit versions 5.7.x antérieures à 5.7.3
Splunk	Splunk Cloud Platform	Splunk Cloud Platform versions 9.3.2411 antérieures à 9.3.2411.129
Splunk	Splunk Cloud Platform	Splunk Cloud Platform versions 10.3.2512 antérieures à 10.3.2512.9
Splunk	Splunk	image Docker Splunk versions 10.2.x antérieures à 10.2.2
Splunk	Splunk Cloud Platform	Splunk Cloud Platform versions 10.4.2603 antérieures à 10.4.2603.1
Splunk	Splunk AppDynamics Database Agent	Splunk AppDynamics Database Agent versions antérieures à 26.4.0
Splunk	Splunk	image Docker Splunk versions 9.4.x antérieures à 9.4.10
Splunk	Splunk User Behavior Analytics (UBA)	Splunk User Behavior Analytics versions 5.4.x antérieures à 5.4.5
Splunk	Splunk AppDynamics Private Synthetic Agent	Splunk AppDynamics Private Synthetic Agent versions antérieures à 26.4.0
Splunk	Splunk AppDynamics Analytics Agent	Splunk AppDynamics Analytics Agent versions antérieures à 26.4.0
Splunk	N/A	Splunk AppDynamics Cluster Agent versions antérieures à 26.4.0
Splunk	Splunk AppDynamics Machine Agent	Splunk AppDynamics Machine Agent versions antérieures à 26.4.0
Splunk	Splunk Cloud Platform	Splunk Cloud Platform versions 10.2.2510 antérieures à 10.2.2510.11
Splunk	N/A	Splunk AppDynamics Python Agent versions antérieures à 26.4.1
Splunk	Splunk	image Docker Splunk versions 10.0.x antérieures à 10.0.5
Splunk	N/A	Splunk Add-on for Tomcat versions 3.3.x antérieures à 3.3.1
Splunk	Splunk Cloud Platform	Splunk Cloud Platform versions 10.1.2507 antérieures à 10.1.2507.21
Splunk	Splunk Enterprise	Splunk Enterprise versions 10.0.x antérieures à 10.0.6
Splunk	N/A	Splunk AppDynamics Apache Web Server Agent versions 25.11.x antérieures à 25.11.1
Splunk	Splunk Enterprise	Splunk Enterprise versions 9.4.x antérieures à 9.4.11
Splunk	Splunk	image Docker Splunk versions 9.3.x antérieures à 9.3.11
Splunk	Splunk Cloud Platform	Splunk Cloud Platform versions 10.0.2503 antérieures à 10.0.2503.13
Splunk	Universal Forwarder	Splunk Universal Forwarder versions 9.4.x antérieures à 9.4.11
Splunk	Splunk Enterprise	Splunk Enterprise versions 9.3.x antérieures à 9.3.12
Splunk	Splunk AppDynamics Java Agent	Splunk AppDynamics Java Agent versions antérieures à 26.4.0

References

Title

Publication Time

FKIE_CVE-2024-11079

Vulnerability from fkie_nvd - Published: 2024-11-12 00:15 - Updated: 2026-04-15 00:35

Severity

5.5 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L

Summary

References

	URL	Tags
	secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:10770
	secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:11145
	secalert@redhat.com	https://access.redhat.com/security/cve/CVE-2024-11079
	secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=2325171
	af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2026/03/msg00006.html

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playbooks."
    },
    {
      "lang": "es",
      "value": "Se encontr\u00f3 una falla en Ansible-Core. Esta vulnerabilidad permite a los atacantes eludir las protecciones de contenido inseguro mediante el objeto hostvars para hacer referencia y ejecutar contenido con plantilla. Este problema puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario si los datos remotos o las salidas de m\u00f3dulos tienen plantillas incorrectas dentro de los playbooks."
    }
  ],
  "id": "CVE-2024-11079",
  "lastModified": "2026-04-15T00:35:42.020",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 1.3,
        "impactScore": 3.7,
        "source": "secalert@redhat.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-11-12T00:15:15.543",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:10770"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:11145"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/security/cve/CVE-2024-11079"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325171"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2026/03/msg00006.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Secondary"
    }
  ]
}

GHSA-99W6-3XPH-CX78

Vulnerability from github – Published: 2024-11-12 00:30 – Updated: 2026-03-19 18:30

Summary

Ansible-Core vulnerable to content protections bypass

Details

Severity

5.5 (Medium)


                  
                    CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L

1.2 (Low)


                  
                    CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:P

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "ansible-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.18.0b1"
            },
            {
              "fixed": "2.18.1rc1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "ansible-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.17.0b1"
            },
            {
              "fixed": "2.17.7rc1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "ansible-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.16.14rc1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-11079"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-11-12T21:35:36Z",
    "nvd_published_at": "2024-11-12T00:15:15Z",
    "severity": "LOW"
  },
  "details": "A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playbooks.",
  "id": "GHSA-99w6-3xph-cx78",
  "modified": "2026-03-19T18:30:43Z",
  "published": "2024-11-12T00:30:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11079"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ansible/ansible/pull/84299"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ansible/ansible/pull/84339"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ansible/ansible/commit/2936b80dbbc7efb889934aeec80f6142c10266ce"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ansible/ansible/commit/70e83e72b43e05e57eb42a6d52d01a4d9768f510"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ansible/ansible/commit/98774d15d7748ebaaaf2e83942cc7e8d39f7280e"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:10770"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:11145"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2024-11079"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325171"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/ansible/ansible"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ansible/ansible/blob/v2.18.1/changelogs/CHANGELOG-v2.18.rst#security-fixes"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2026/03/msg00006.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:P",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Ansible-Core vulnerable to content protections bypass"
}

OPENSUSE-SU-2024:14545-1

Vulnerability from csaf_opensuse - Published: 2024-12-05 00:00 - Updated: 2024-12-05 00:00

Summary

ansible-core-2.18.1-1.1 on GA media

Severity

Moderate

Notes

Title of the patch: ansible-core-2.18.1-1.1 on GA media

Description of the patch: These are all security issues fixed in the ansible-core-2.18.1-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2024-14545

CVE-2024-11079

5.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18.1-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18.1-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18.1-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18.1-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18.1-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18.1-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18.1-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18.1-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

5 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://www.suse.com/security/cve/CVE-2024-11079/	self
https://www.suse.com/security/cve/CVE-2024-11079	external
https://bugzilla.suse.com/1233276	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "ansible-core-2.18.1-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the ansible-core-2.18.1-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-14545",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14545-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-11079 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-11079/"
      }
    ],
    "title": "ansible-core-2.18.1-1.1 on GA media",
    "tracking": {
      "current_release_date": "2024-12-05T00:00:00Z",
      "generator": {
        "date": "2024-12-05T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:14545-1",
      "initial_release_date": "2024-12-05T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-12-05T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ansible-core-2.18.1-1.1.aarch64",
                "product": {
                  "name": "ansible-core-2.18.1-1.1.aarch64",
                  "product_id": "ansible-core-2.18.1-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ansible-test-2.18.1-1.1.aarch64",
                "product": {
                  "name": "ansible-test-2.18.1-1.1.aarch64",
                  "product_id": "ansible-test-2.18.1-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ansible-core-2.18.1-1.1.ppc64le",
                "product": {
                  "name": "ansible-core-2.18.1-1.1.ppc64le",
                  "product_id": "ansible-core-2.18.1-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ansible-test-2.18.1-1.1.ppc64le",
                "product": {
                  "name": "ansible-test-2.18.1-1.1.ppc64le",
                  "product_id": "ansible-test-2.18.1-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ansible-core-2.18.1-1.1.s390x",
                "product": {
                  "name": "ansible-core-2.18.1-1.1.s390x",
                  "product_id": "ansible-core-2.18.1-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ansible-test-2.18.1-1.1.s390x",
                "product": {
                  "name": "ansible-test-2.18.1-1.1.s390x",
                  "product_id": "ansible-test-2.18.1-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ansible-core-2.18.1-1.1.x86_64",
                "product": {
                  "name": "ansible-core-2.18.1-1.1.x86_64",
                  "product_id": "ansible-core-2.18.1-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ansible-test-2.18.1-1.1.x86_64",
                "product": {
                  "name": "ansible-test-2.18.1-1.1.x86_64",
                  "product_id": "ansible-test-2.18.1-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-core-2.18.1-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-core-2.18.1-1.1.aarch64"
        },
        "product_reference": "ansible-core-2.18.1-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-core-2.18.1-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-core-2.18.1-1.1.ppc64le"
        },
        "product_reference": "ansible-core-2.18.1-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-core-2.18.1-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-core-2.18.1-1.1.s390x"
        },
        "product_reference": "ansible-core-2.18.1-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-core-2.18.1-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-core-2.18.1-1.1.x86_64"
        },
        "product_reference": "ansible-core-2.18.1-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-test-2.18.1-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-test-2.18.1-1.1.aarch64"
        },
        "product_reference": "ansible-test-2.18.1-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-test-2.18.1-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-test-2.18.1-1.1.ppc64le"
        },
        "product_reference": "ansible-test-2.18.1-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-test-2.18.1-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-test-2.18.1-1.1.s390x"
        },
        "product_reference": "ansible-test-2.18.1-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-test-2.18.1-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-test-2.18.1-1.1.x86_64"
        },
        "product_reference": "ansible-test-2.18.1-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-11079",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-11079"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playbooks.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ansible-core-2.18.1-1.1.aarch64",
          "openSUSE Tumbleweed:ansible-core-2.18.1-1.1.ppc64le",
          "openSUSE Tumbleweed:ansible-core-2.18.1-1.1.s390x",
          "openSUSE Tumbleweed:ansible-core-2.18.1-1.1.x86_64",
          "openSUSE Tumbleweed:ansible-test-2.18.1-1.1.aarch64",
          "openSUSE Tumbleweed:ansible-test-2.18.1-1.1.ppc64le",
          "openSUSE Tumbleweed:ansible-test-2.18.1-1.1.s390x",
          "openSUSE Tumbleweed:ansible-test-2.18.1-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-11079",
          "url": "https://www.suse.com/security/cve/CVE-2024-11079"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1233276 for CVE-2024-11079",
          "url": "https://bugzilla.suse.com/1233276"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ansible-core-2.18.1-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.18.1-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.18.1-1.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.18.1-1.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.18.1-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.18.1-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.18.1-1.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.18.1-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ansible-core-2.18.1-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.18.1-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.18.1-1.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.18.1-1.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.18.1-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.18.1-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.18.1-1.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.18.1-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-05T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-11079"
    }
  ]
}

OPENSUSE-SU-2024:14546-1

Vulnerability from csaf_opensuse - Published: 2024-12-05 00:00 - Updated: 2024-12-05 00:00

Summary

ansible-core-2.16-2.16.14-1.1 on GA media

Severity

Moderate

Notes

Title of the patch: ansible-core-2.16-2.16.14-1.1 on GA media

Description of the patch: These are all security issues fixed in the ansible-core-2.16-2.16.14-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2024-14546

CVE-2024-11079

5.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.16-2.16.14-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.16-2.16.14-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.16-2.16.14-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.16-2.16.14-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.16-2.16.14-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.16-2.16.14-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.16-2.16.14-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.16-2.16.14-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

5 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://www.suse.com/security/cve/CVE-2024-11079/	self
https://www.suse.com/security/cve/CVE-2024-11079	external
https://bugzilla.suse.com/1233276	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "ansible-core-2.16-2.16.14-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the ansible-core-2.16-2.16.14-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-14546",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14546-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-11079 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-11079/"
      }
    ],
    "title": "ansible-core-2.16-2.16.14-1.1 on GA media",
    "tracking": {
      "current_release_date": "2024-12-05T00:00:00Z",
      "generator": {
        "date": "2024-12-05T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:14546-1",
      "initial_release_date": "2024-12-05T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-12-05T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ansible-core-2.16-2.16.14-1.1.aarch64",
                "product": {
                  "name": "ansible-core-2.16-2.16.14-1.1.aarch64",
                  "product_id": "ansible-core-2.16-2.16.14-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ansible-test-2.16-2.16.14-1.1.aarch64",
                "product": {
                  "name": "ansible-test-2.16-2.16.14-1.1.aarch64",
                  "product_id": "ansible-test-2.16-2.16.14-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ansible-core-2.16-2.16.14-1.1.ppc64le",
                "product": {
                  "name": "ansible-core-2.16-2.16.14-1.1.ppc64le",
                  "product_id": "ansible-core-2.16-2.16.14-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ansible-test-2.16-2.16.14-1.1.ppc64le",
                "product": {
                  "name": "ansible-test-2.16-2.16.14-1.1.ppc64le",
                  "product_id": "ansible-test-2.16-2.16.14-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ansible-core-2.16-2.16.14-1.1.s390x",
                "product": {
                  "name": "ansible-core-2.16-2.16.14-1.1.s390x",
                  "product_id": "ansible-core-2.16-2.16.14-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ansible-test-2.16-2.16.14-1.1.s390x",
                "product": {
                  "name": "ansible-test-2.16-2.16.14-1.1.s390x",
                  "product_id": "ansible-test-2.16-2.16.14-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ansible-core-2.16-2.16.14-1.1.x86_64",
                "product": {
                  "name": "ansible-core-2.16-2.16.14-1.1.x86_64",
                  "product_id": "ansible-core-2.16-2.16.14-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ansible-test-2.16-2.16.14-1.1.x86_64",
                "product": {
                  "name": "ansible-test-2.16-2.16.14-1.1.x86_64",
                  "product_id": "ansible-test-2.16-2.16.14-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-core-2.16-2.16.14-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-core-2.16-2.16.14-1.1.aarch64"
        },
        "product_reference": "ansible-core-2.16-2.16.14-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-core-2.16-2.16.14-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-core-2.16-2.16.14-1.1.ppc64le"
        },
        "product_reference": "ansible-core-2.16-2.16.14-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-core-2.16-2.16.14-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-core-2.16-2.16.14-1.1.s390x"
        },
        "product_reference": "ansible-core-2.16-2.16.14-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-core-2.16-2.16.14-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-core-2.16-2.16.14-1.1.x86_64"
        },
        "product_reference": "ansible-core-2.16-2.16.14-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-test-2.16-2.16.14-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-test-2.16-2.16.14-1.1.aarch64"
        },
        "product_reference": "ansible-test-2.16-2.16.14-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-test-2.16-2.16.14-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-test-2.16-2.16.14-1.1.ppc64le"
        },
        "product_reference": "ansible-test-2.16-2.16.14-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-test-2.16-2.16.14-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-test-2.16-2.16.14-1.1.s390x"
        },
        "product_reference": "ansible-test-2.16-2.16.14-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-test-2.16-2.16.14-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-test-2.16-2.16.14-1.1.x86_64"
        },
        "product_reference": "ansible-test-2.16-2.16.14-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-11079",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-11079"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playbooks.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ansible-core-2.16-2.16.14-1.1.aarch64",
          "openSUSE Tumbleweed:ansible-core-2.16-2.16.14-1.1.ppc64le",
          "openSUSE Tumbleweed:ansible-core-2.16-2.16.14-1.1.s390x",
          "openSUSE Tumbleweed:ansible-core-2.16-2.16.14-1.1.x86_64",
          "openSUSE Tumbleweed:ansible-test-2.16-2.16.14-1.1.aarch64",
          "openSUSE Tumbleweed:ansible-test-2.16-2.16.14-1.1.ppc64le",
          "openSUSE Tumbleweed:ansible-test-2.16-2.16.14-1.1.s390x",
          "openSUSE Tumbleweed:ansible-test-2.16-2.16.14-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-11079",
          "url": "https://www.suse.com/security/cve/CVE-2024-11079"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1233276 for CVE-2024-11079",
          "url": "https://bugzilla.suse.com/1233276"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ansible-core-2.16-2.16.14-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.16-2.16.14-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.16-2.16.14-1.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.16-2.16.14-1.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.16-2.16.14-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.16-2.16.14-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.16-2.16.14-1.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.16-2.16.14-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ansible-core-2.16-2.16.14-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.16-2.16.14-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.16-2.16.14-1.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.16-2.16.14-1.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.16-2.16.14-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.16-2.16.14-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.16-2.16.14-1.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.16-2.16.14-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-05T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-11079"
    }
  ]
}

OPENSUSE-SU-2024:14547-1

Vulnerability from csaf_opensuse - Published: 2024-12-05 00:00 - Updated: 2024-12-05 00:00

Summary

ansible-core-2.17-2.17.7-1.1 on GA media

Severity

Moderate

Notes

Title of the patch: ansible-core-2.17-2.17.7-1.1 on GA media

Description of the patch: These are all security issues fixed in the ansible-core-2.17-2.17.7-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2024-14547

CVE-2024-11079

5.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.17-2.17.7-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.17-2.17.7-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.17-2.17.7-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.17-2.17.7-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.17-2.17.7-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.17-2.17.7-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.17-2.17.7-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.17-2.17.7-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

7 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://lists.opensuse.org/archives/list/security…	self
https://lists.opensuse.org/archives/list/security…	self
https://www.suse.com/security/cve/CVE-2024-11079/	self
https://www.suse.com/security/cve/CVE-2024-11079	external
https://bugzilla.suse.com/1233276	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "ansible-core-2.17-2.17.7-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the ansible-core-2.17-2.17.7-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-14547",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14547-1.json"
      },
      {
        "category": "self",
        "summary": "URL for openSUSE-SU-2024:14547-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FXA2MCVUX3VSCGBZXXKTPPRDV3YDJUJW/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for openSUSE-SU-2024:14547-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FXA2MCVUX3VSCGBZXXKTPPRDV3YDJUJW/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-11079 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-11079/"
      }
    ],
    "title": "ansible-core-2.17-2.17.7-1.1 on GA media",
    "tracking": {
      "current_release_date": "2024-12-05T00:00:00Z",
      "generator": {
        "date": "2024-12-05T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:14547-1",
      "initial_release_date": "2024-12-05T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-12-05T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ansible-core-2.17-2.17.7-1.1.aarch64",
                "product": {
                  "name": "ansible-core-2.17-2.17.7-1.1.aarch64",
                  "product_id": "ansible-core-2.17-2.17.7-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ansible-test-2.17-2.17.7-1.1.aarch64",
                "product": {
                  "name": "ansible-test-2.17-2.17.7-1.1.aarch64",
                  "product_id": "ansible-test-2.17-2.17.7-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ansible-core-2.17-2.17.7-1.1.ppc64le",
                "product": {
                  "name": "ansible-core-2.17-2.17.7-1.1.ppc64le",
                  "product_id": "ansible-core-2.17-2.17.7-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ansible-test-2.17-2.17.7-1.1.ppc64le",
                "product": {
                  "name": "ansible-test-2.17-2.17.7-1.1.ppc64le",
                  "product_id": "ansible-test-2.17-2.17.7-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ansible-core-2.17-2.17.7-1.1.s390x",
                "product": {
                  "name": "ansible-core-2.17-2.17.7-1.1.s390x",
                  "product_id": "ansible-core-2.17-2.17.7-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ansible-test-2.17-2.17.7-1.1.s390x",
                "product": {
                  "name": "ansible-test-2.17-2.17.7-1.1.s390x",
                  "product_id": "ansible-test-2.17-2.17.7-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ansible-core-2.17-2.17.7-1.1.x86_64",
                "product": {
                  "name": "ansible-core-2.17-2.17.7-1.1.x86_64",
                  "product_id": "ansible-core-2.17-2.17.7-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ansible-test-2.17-2.17.7-1.1.x86_64",
                "product": {
                  "name": "ansible-test-2.17-2.17.7-1.1.x86_64",
                  "product_id": "ansible-test-2.17-2.17.7-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-core-2.17-2.17.7-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-core-2.17-2.17.7-1.1.aarch64"
        },
        "product_reference": "ansible-core-2.17-2.17.7-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-core-2.17-2.17.7-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-core-2.17-2.17.7-1.1.ppc64le"
        },
        "product_reference": "ansible-core-2.17-2.17.7-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-core-2.17-2.17.7-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-core-2.17-2.17.7-1.1.s390x"
        },
        "product_reference": "ansible-core-2.17-2.17.7-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-core-2.17-2.17.7-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-core-2.17-2.17.7-1.1.x86_64"
        },
        "product_reference": "ansible-core-2.17-2.17.7-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-test-2.17-2.17.7-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-test-2.17-2.17.7-1.1.aarch64"
        },
        "product_reference": "ansible-test-2.17-2.17.7-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-test-2.17-2.17.7-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-test-2.17-2.17.7-1.1.ppc64le"
        },
        "product_reference": "ansible-test-2.17-2.17.7-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-test-2.17-2.17.7-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-test-2.17-2.17.7-1.1.s390x"
        },
        "product_reference": "ansible-test-2.17-2.17.7-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-test-2.17-2.17.7-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-test-2.17-2.17.7-1.1.x86_64"
        },
        "product_reference": "ansible-test-2.17-2.17.7-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-11079",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-11079"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playbooks.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ansible-core-2.17-2.17.7-1.1.aarch64",
          "openSUSE Tumbleweed:ansible-core-2.17-2.17.7-1.1.ppc64le",
          "openSUSE Tumbleweed:ansible-core-2.17-2.17.7-1.1.s390x",
          "openSUSE Tumbleweed:ansible-core-2.17-2.17.7-1.1.x86_64",
          "openSUSE Tumbleweed:ansible-test-2.17-2.17.7-1.1.aarch64",
          "openSUSE Tumbleweed:ansible-test-2.17-2.17.7-1.1.ppc64le",
          "openSUSE Tumbleweed:ansible-test-2.17-2.17.7-1.1.s390x",
          "openSUSE Tumbleweed:ansible-test-2.17-2.17.7-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-11079",
          "url": "https://www.suse.com/security/cve/CVE-2024-11079"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1233276 for CVE-2024-11079",
          "url": "https://bugzilla.suse.com/1233276"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ansible-core-2.17-2.17.7-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.17-2.17.7-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.17-2.17.7-1.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.17-2.17.7-1.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.17-2.17.7-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.17-2.17.7-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.17-2.17.7-1.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.17-2.17.7-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ansible-core-2.17-2.17.7-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.17-2.17.7-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.17-2.17.7-1.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.17-2.17.7-1.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.17-2.17.7-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.17-2.17.7-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.17-2.17.7-1.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.17-2.17.7-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-12-05T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-11079"
    }
  ]
}

OPENSUSE-SU-2025:15638-1

Vulnerability from csaf_opensuse - Published: 2025-10-16 00:00 - Updated: 2025-10-16 00:00

Summary

ansible-core-2.18-2.18.10-2.1 on GA media

Severity

Moderate

Notes

Title of the patch: ansible-core-2.18-2.18.10-2.1 on GA media

Description of the patch: These are all security issues fixed in the ansible-core-2.18-2.18.10-2.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2025-15638

CVE-2023-5115

6.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2023-5764

6.6 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-0690

5.1 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-11079

5.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-8775

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-9902

6.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

20 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://www.suse.com/security/cve/CVE-2023-5115/	self
https://www.suse.com/security/cve/CVE-2023-5764/	self
https://www.suse.com/security/cve/CVE-2024-0690/	self
https://www.suse.com/security/cve/CVE-2024-11079/	self
https://www.suse.com/security/cve/CVE-2024-8775/	self
https://www.suse.com/security/cve/CVE-2024-9902/	self
https://www.suse.com/security/cve/CVE-2023-5115	external
https://bugzilla.suse.com/1215606	external
https://www.suse.com/security/cve/CVE-2023-5764	external
https://bugzilla.suse.com/1216854	external
https://www.suse.com/security/cve/CVE-2024-0690	external
https://bugzilla.suse.com/1219002	external
https://www.suse.com/security/cve/CVE-2024-11079	external
https://bugzilla.suse.com/1233276	external
https://www.suse.com/security/cve/CVE-2024-8775	external
https://bugzilla.suse.com/1230601	external
https://www.suse.com/security/cve/CVE-2024-9902	external
https://bugzilla.suse.com/1233000	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "ansible-core-2.18-2.18.10-2.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the ansible-core-2.18-2.18.10-2.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2025-15638",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15638-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-5115 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-5115/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-5764 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-5764/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0690 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0690/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-11079 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-11079/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-8775 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-8775/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-9902 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-9902/"
      }
    ],
    "title": "ansible-core-2.18-2.18.10-2.1 on GA media",
    "tracking": {
      "current_release_date": "2025-10-16T00:00:00Z",
      "generator": {
        "date": "2025-10-16T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2025:15638-1",
      "initial_release_date": "2025-10-16T00:00:00Z",
      "revision_history": [
        {
          "date": "2025-10-16T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ansible-core-2.18-2.18.10-2.1.aarch64",
                "product": {
                  "name": "ansible-core-2.18-2.18.10-2.1.aarch64",
                  "product_id": "ansible-core-2.18-2.18.10-2.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ansible-test-2.18-2.18.10-2.1.aarch64",
                "product": {
                  "name": "ansible-test-2.18-2.18.10-2.1.aarch64",
                  "product_id": "ansible-test-2.18-2.18.10-2.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ansible-core-2.18-2.18.10-2.1.ppc64le",
                "product": {
                  "name": "ansible-core-2.18-2.18.10-2.1.ppc64le",
                  "product_id": "ansible-core-2.18-2.18.10-2.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ansible-test-2.18-2.18.10-2.1.ppc64le",
                "product": {
                  "name": "ansible-test-2.18-2.18.10-2.1.ppc64le",
                  "product_id": "ansible-test-2.18-2.18.10-2.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ansible-core-2.18-2.18.10-2.1.s390x",
                "product": {
                  "name": "ansible-core-2.18-2.18.10-2.1.s390x",
                  "product_id": "ansible-core-2.18-2.18.10-2.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ansible-test-2.18-2.18.10-2.1.s390x",
                "product": {
                  "name": "ansible-test-2.18-2.18.10-2.1.s390x",
                  "product_id": "ansible-test-2.18-2.18.10-2.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ansible-core-2.18-2.18.10-2.1.x86_64",
                "product": {
                  "name": "ansible-core-2.18-2.18.10-2.1.x86_64",
                  "product_id": "ansible-core-2.18-2.18.10-2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ansible-test-2.18-2.18.10-2.1.x86_64",
                "product": {
                  "name": "ansible-test-2.18-2.18.10-2.1.x86_64",
                  "product_id": "ansible-test-2.18-2.18.10-2.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-core-2.18-2.18.10-2.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.aarch64"
        },
        "product_reference": "ansible-core-2.18-2.18.10-2.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-core-2.18-2.18.10-2.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.ppc64le"
        },
        "product_reference": "ansible-core-2.18-2.18.10-2.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-core-2.18-2.18.10-2.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.s390x"
        },
        "product_reference": "ansible-core-2.18-2.18.10-2.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-core-2.18-2.18.10-2.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.x86_64"
        },
        "product_reference": "ansible-core-2.18-2.18.10-2.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-test-2.18-2.18.10-2.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.aarch64"
        },
        "product_reference": "ansible-test-2.18-2.18.10-2.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-test-2.18-2.18.10-2.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.ppc64le"
        },
        "product_reference": "ansible-test-2.18-2.18.10-2.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-test-2.18-2.18.10-2.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.s390x"
        },
        "product_reference": "ansible-test-2.18-2.18.10-2.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-test-2.18-2.18.10-2.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.x86_64"
        },
        "product_reference": "ansible-test-2.18-2.18.10-2.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-5115",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-5115"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.aarch64",
          "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.ppc64le",
          "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.s390x",
          "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.x86_64",
          "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.aarch64",
          "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.ppc64le",
          "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.s390x",
          "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-5115",
          "url": "https://www.suse.com/security/cve/CVE-2023-5115"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1215606 for CVE-2023-5115",
          "url": "https://bugzilla.suse.com/1215606"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-10-16T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-5115"
    },
    {
      "cve": "CVE-2023-5764",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-5764"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A template injection flaw was found in Ansible where a user\u0027s controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce templating injection when supplying templating data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.aarch64",
          "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.ppc64le",
          "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.s390x",
          "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.x86_64",
          "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.aarch64",
          "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.ppc64le",
          "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.s390x",
          "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-5764",
          "url": "https://www.suse.com/security/cve/CVE-2023-5764"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1216854 for CVE-2023-5764",
          "url": "https://bugzilla.suse.com/1216854"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-10-16T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-5764"
    },
    {
      "cve": "CVE-2024-0690",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0690"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.aarch64",
          "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.ppc64le",
          "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.s390x",
          "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.x86_64",
          "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.aarch64",
          "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.ppc64le",
          "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.s390x",
          "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0690",
          "url": "https://www.suse.com/security/cve/CVE-2024-0690"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1219002 for CVE-2024-0690",
          "url": "https://bugzilla.suse.com/1219002"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-10-16T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-0690"
    },
    {
      "cve": "CVE-2024-11079",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-11079"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playbooks.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.aarch64",
          "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.ppc64le",
          "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.s390x",
          "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.x86_64",
          "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.aarch64",
          "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.ppc64le",
          "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.s390x",
          "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-11079",
          "url": "https://www.suse.com/security/cve/CVE-2024-11079"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1233276 for CVE-2024-11079",
          "url": "https://bugzilla.suse.com/1233276"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-10-16T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-11079"
    },
    {
      "cve": "CVE-2024-8775",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-8775"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as include_vars to load vaulted variables without setting the no_log: true parameter, resulting in sensitive data being printed in the playbook output or logs. This can lead to the unintentional disclosure of secrets like passwords or API keys, compromising security and potentially allowing unauthorized access or actions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.aarch64",
          "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.ppc64le",
          "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.s390x",
          "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.x86_64",
          "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.aarch64",
          "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.ppc64le",
          "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.s390x",
          "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-8775",
          "url": "https://www.suse.com/security/cve/CVE-2024-8775"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1230601 for CVE-2024-8775",
          "url": "https://bugzilla.suse.com/1230601"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-10-16T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-8775"
    },
    {
      "cve": "CVE-2024-9902",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-9902"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in Ansible. The ansible-core `user` module can allow an unprivileged user to silently create or replace the contents of any file on any system path and take ownership of it when a privileged user executes the `user` module against the unprivileged user\u0027s home directory. If the unprivileged user has traversal permissions on the directory containing the exploited target file, they retain full control over the contents of the file as its owner.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.aarch64",
          "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.ppc64le",
          "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.s390x",
          "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.x86_64",
          "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.aarch64",
          "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.ppc64le",
          "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.s390x",
          "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-9902",
          "url": "https://www.suse.com/security/cve/CVE-2024-9902"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1233000 for CVE-2024-9902",
          "url": "https://bugzilla.suse.com/1233000"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.18-2.18.10-2.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.18-2.18.10-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-10-16T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-9902"
    }
  ]
}

OPENSUSE-SU-2025:15754-1

Vulnerability from csaf_opensuse - Published: 2025-11-21 00:00 - Updated: 2025-11-21 00:00

Summary

ansible-core-2.19-2.19.4-1.1 on GA media

Severity

Moderate

Notes

Title of the patch: ansible-core-2.19-2.19.4-1.1 on GA media

Description of the patch: These are all security issues fixed in the ansible-core-2.19-2.19.4-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2025-15754

CVE-2023-5115

6.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2023-5764

6.6 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-0690

5.1 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-11079

5.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-8775

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-9902

6.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

20 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://www.suse.com/security/cve/CVE-2023-5115/	self
https://www.suse.com/security/cve/CVE-2023-5764/	self
https://www.suse.com/security/cve/CVE-2024-0690/	self
https://www.suse.com/security/cve/CVE-2024-11079/	self
https://www.suse.com/security/cve/CVE-2024-8775/	self
https://www.suse.com/security/cve/CVE-2024-9902/	self
https://www.suse.com/security/cve/CVE-2023-5115	external
https://bugzilla.suse.com/1215606	external
https://www.suse.com/security/cve/CVE-2023-5764	external
https://bugzilla.suse.com/1216854	external
https://www.suse.com/security/cve/CVE-2024-0690	external
https://bugzilla.suse.com/1219002	external
https://www.suse.com/security/cve/CVE-2024-11079	external
https://bugzilla.suse.com/1233276	external
https://www.suse.com/security/cve/CVE-2024-8775	external
https://bugzilla.suse.com/1230601	external
https://www.suse.com/security/cve/CVE-2024-9902	external
https://bugzilla.suse.com/1233000	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "ansible-core-2.19-2.19.4-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the ansible-core-2.19-2.19.4-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2025-15754",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15754-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-5115 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-5115/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-5764 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-5764/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-0690 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-0690/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-11079 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-11079/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-8775 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-8775/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-9902 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-9902/"
      }
    ],
    "title": "ansible-core-2.19-2.19.4-1.1 on GA media",
    "tracking": {
      "current_release_date": "2025-11-21T00:00:00Z",
      "generator": {
        "date": "2025-11-21T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2025:15754-1",
      "initial_release_date": "2025-11-21T00:00:00Z",
      "revision_history": [
        {
          "date": "2025-11-21T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ansible-core-2.19-2.19.4-1.1.aarch64",
                "product": {
                  "name": "ansible-core-2.19-2.19.4-1.1.aarch64",
                  "product_id": "ansible-core-2.19-2.19.4-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "ansible-test-2.19-2.19.4-1.1.aarch64",
                "product": {
                  "name": "ansible-test-2.19-2.19.4-1.1.aarch64",
                  "product_id": "ansible-test-2.19-2.19.4-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ansible-core-2.19-2.19.4-1.1.ppc64le",
                "product": {
                  "name": "ansible-core-2.19-2.19.4-1.1.ppc64le",
                  "product_id": "ansible-core-2.19-2.19.4-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "ansible-test-2.19-2.19.4-1.1.ppc64le",
                "product": {
                  "name": "ansible-test-2.19-2.19.4-1.1.ppc64le",
                  "product_id": "ansible-test-2.19-2.19.4-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ansible-core-2.19-2.19.4-1.1.s390x",
                "product": {
                  "name": "ansible-core-2.19-2.19.4-1.1.s390x",
                  "product_id": "ansible-core-2.19-2.19.4-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "ansible-test-2.19-2.19.4-1.1.s390x",
                "product": {
                  "name": "ansible-test-2.19-2.19.4-1.1.s390x",
                  "product_id": "ansible-test-2.19-2.19.4-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ansible-core-2.19-2.19.4-1.1.x86_64",
                "product": {
                  "name": "ansible-core-2.19-2.19.4-1.1.x86_64",
                  "product_id": "ansible-core-2.19-2.19.4-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ansible-test-2.19-2.19.4-1.1.x86_64",
                "product": {
                  "name": "ansible-test-2.19-2.19.4-1.1.x86_64",
                  "product_id": "ansible-test-2.19-2.19.4-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-core-2.19-2.19.4-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.aarch64"
        },
        "product_reference": "ansible-core-2.19-2.19.4-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-core-2.19-2.19.4-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.ppc64le"
        },
        "product_reference": "ansible-core-2.19-2.19.4-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-core-2.19-2.19.4-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.s390x"
        },
        "product_reference": "ansible-core-2.19-2.19.4-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-core-2.19-2.19.4-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.x86_64"
        },
        "product_reference": "ansible-core-2.19-2.19.4-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-test-2.19-2.19.4-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.aarch64"
        },
        "product_reference": "ansible-test-2.19-2.19.4-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-test-2.19-2.19.4-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.ppc64le"
        },
        "product_reference": "ansible-test-2.19-2.19.4-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-test-2.19-2.19.4-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.s390x"
        },
        "product_reference": "ansible-test-2.19-2.19.4-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-test-2.19-2.19.4-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.x86_64"
        },
        "product_reference": "ansible-test-2.19-2.19.4-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-5115",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-5115"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.aarch64",
          "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.ppc64le",
          "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.s390x",
          "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.x86_64",
          "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.aarch64",
          "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.ppc64le",
          "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.s390x",
          "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-5115",
          "url": "https://www.suse.com/security/cve/CVE-2023-5115"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1215606 for CVE-2023-5115",
          "url": "https://bugzilla.suse.com/1215606"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-21T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-5115"
    },
    {
      "cve": "CVE-2023-5764",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-5764"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A template injection flaw was found in Ansible where a user\u0027s controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce templating injection when supplying templating data.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.aarch64",
          "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.ppc64le",
          "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.s390x",
          "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.x86_64",
          "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.aarch64",
          "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.ppc64le",
          "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.s390x",
          "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-5764",
          "url": "https://www.suse.com/security/cve/CVE-2023-5764"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1216854 for CVE-2023-5764",
          "url": "https://bugzilla.suse.com/1216854"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-21T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-5764"
    },
    {
      "cve": "CVE-2024-0690",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-0690"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.aarch64",
          "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.ppc64le",
          "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.s390x",
          "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.x86_64",
          "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.aarch64",
          "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.ppc64le",
          "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.s390x",
          "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-0690",
          "url": "https://www.suse.com/security/cve/CVE-2024-0690"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1219002 for CVE-2024-0690",
          "url": "https://bugzilla.suse.com/1219002"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-21T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-0690"
    },
    {
      "cve": "CVE-2024-11079",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-11079"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playbooks.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.aarch64",
          "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.ppc64le",
          "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.s390x",
          "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.x86_64",
          "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.aarch64",
          "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.ppc64le",
          "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.s390x",
          "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-11079",
          "url": "https://www.suse.com/security/cve/CVE-2024-11079"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1233276 for CVE-2024-11079",
          "url": "https://bugzilla.suse.com/1233276"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-21T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-11079"
    },
    {
      "cve": "CVE-2024-8775",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-8775"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as include_vars to load vaulted variables without setting the no_log: true parameter, resulting in sensitive data being printed in the playbook output or logs. This can lead to the unintentional disclosure of secrets like passwords or API keys, compromising security and potentially allowing unauthorized access or actions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.aarch64",
          "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.ppc64le",
          "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.s390x",
          "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.x86_64",
          "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.aarch64",
          "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.ppc64le",
          "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.s390x",
          "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-8775",
          "url": "https://www.suse.com/security/cve/CVE-2024-8775"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1230601 for CVE-2024-8775",
          "url": "https://bugzilla.suse.com/1230601"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-21T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-8775"
    },
    {
      "cve": "CVE-2024-9902",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-9902"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in Ansible. The ansible-core `user` module can allow an unprivileged user to silently create or replace the contents of any file on any system path and take ownership of it when a privileged user executes the `user` module against the unprivileged user\u0027s home directory. If the unprivileged user has traversal permissions on the directory containing the exploited target file, they retain full control over the contents of the file as its owner.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.aarch64",
          "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.ppc64le",
          "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.s390x",
          "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.x86_64",
          "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.aarch64",
          "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.ppc64le",
          "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.s390x",
          "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-9902",
          "url": "https://www.suse.com/security/cve/CVE-2024-9902"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1233000 for CVE-2024-9902",
          "url": "https://bugzilla.suse.com/1233000"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.s390x",
            "openSUSE Tumbleweed:ansible-core-2.19-2.19.4-1.1.x86_64",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.aarch64",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.ppc64le",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.s390x",
            "openSUSE Tumbleweed:ansible-test-2.19-2.19.4-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-21T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-9902"
    }
  ]
}

RHSA-2024:10770

Vulnerability from csaf_redhat - Published: 2024-12-03 22:38 - Updated: 2026-03-18 02:49

Summary

Red Hat Security Advisory: Red Hat Ansible Automation Platform Execution Environments Container Release Update

Severity

Moderate

Notes

Topic: An update is now available for Red Hat Ansible Automation Platform Execution Environments

Details: Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language. Security Fix(es): * ansible-core: Unsafe Tagging Bypass via hostvars Object in Ansible-Core (CVE-2024-11079) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Updates and fixes: * ansible-core has been updated to 2.15.13 (ee-minimal 2.15 stream) * ansible-core has been updated to 2.16.14 (ee-minimal 2.16 stream) * ansible-core has been updated to 2.17.7 (ee-minimal 2.17 stream) * ansible-core has been updated to 2.18.1 (ee-minimal 2.18 stream)

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2024-11079

5.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L

CWE-20 - Improper Input Validation

Affected products

Fixed 45 products

Product	Version	Remediation
Unresolved product id: 8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:06bccba7cd23ceff5c03ea32d80099cd2a3ce68b9c03435936cb4d6cfff4974c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:68a5232ec36bcd98049ca3d42fedf1a3c15667f260712c6e3e5b90c1877ebbce_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:6b077737281691a1bfc90d1ae33fc30ce09a7c34240c1816aa2e678c0c0a91fa_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:a1988ba5bf65e42ac732e71b154323bf8df5fd25ce5a50b9dbaa1be370af62bb_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:d57bb670a115de96285e065ba0a4f2b67f752e8eec57e9b2f6371fbe3478972c_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-29-rhel8@sha256:03a835f116a9636bb4a03884b8686f6aa82a03374aa431ca02350dcbf40f5898_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:0a650301785be46f119a2080e7a09fefef893f611804a01b1304a28d98780fe0_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:0b6a08e245cc02b03f5ae0b6fb74ac8f9738c437b4de3fa9a2b3225a2e914fda_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:0d26e5c3dfdddecd1fef6ed915b59e7f1269c199563d46c1f3dead813ec42499_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:2946109032d00b8756175affc50fed01cc0bbcbc927a3fd2d5d846f825429b72_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:39169c112d66b9e7e9438c5246d1b25b8cf894aafc2880923472ad5c24b5d546_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:3d39702e054b2fb712ace5cbc53d8b1619810240971e8046f5d0954e67c32880_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:44aae8b7c5fc7d0774962084a2943f567fbfdb740e31d1808be3da05a0c4049e_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:4b746a01c9dbd0c5ad07f085aa8236bbc93d21e7f1f5b9c395b8988b7703a01a_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:50cf5bbb57c9dfa77b385132948ea68cb20212df7476c94cc7087324ecf77254_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:5b411c45dec6c058ce918ebd9c37e1b9e6fbc9d3ec619b67cbfdf9c70d7033e5_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:5e98ecd8212d3ec46e2ae13e51e6c7f181718b0332a54351a229bcea4ddc63fe_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:6afae7906f7baccb28359493e832265d3f24f67fd4144246ddaf6e704512a8c2_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:9313194b84341535a96f02257389a759c8c31f2f3922f44c5c373380901d9432_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:9a792b2313c66057a1955809a845ff7fd6cbf5b8530d1b16e66c19843bf09fa3_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:b53ca6d71a7c8cc6ab889cc834d4cb5b3550545ef90c2a35b182eda11e4fab47_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:bf21c17ba56785bd920f3e4ec869a790d12ca9876b70dcb2be6a3f5cbfda2966_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:db222c5e5b1e8783a14fe65d7cc11bb6222da908a41b193cc6949fec7e0ec6c0_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:db244d6b4f06ae97b9b15fe3071b7aab85daef71e5e92dc9d6459ce9903a37d2_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:e45a1b593ec7ae0808cc3d249696b5a5e16382dcd4294a6d969000c49848f34c_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel9@sha256:006df4661ba4abe1c9166a696d5aed80ad2958b4fc0b675f13228c801585fe8d_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel9@sha256:017b6d52de4f1a8e7574b86d5fda0671ed2b784be3cf6fc683348df1167d2af3_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel9@sha256:1a8167f204602e8d31c4ff9a813a07840c72843dd7afa91dd52d511064550065_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel9@sha256:99e6443f9aacceff0df4131349e3fe89ece17a5ed1507bc1c74b9692d2853624_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:13f3527db21116ccabc95a90487a711208613991a5f2877ef0e24ef14d53542c_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:20b097862352178edce5ae8684e2ee441e8abdccdfe70aea26bc99b4817338bc_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:2e22d4c6a5cf8b66f4f2d55f8237f050b6611be0ab81dcf8de6bd4ed1af2882d_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:2f763263c5252579c4106b6e8e7f030e092df6a24a4270c00084dd25939b3a04_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:338dd71e8f2e5025e73e14ff97a936a9d74893add9358beb0497c7d041132352_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:5fe58177f6c0ae204c3943c34febfaa41cd553819beee08543e30c922835cbbc_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:6b522fdad0e2d3f6cc838f5dcf8ba4534c3e0037da3cb8e7886d63724f5b5b2a_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:8270a2afb90b991005c830c5fa989a260c0e313d6cb6eaa40ab3f2e8b7df6072_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:8afa6b37476e2bba2a00b61ba9a48da9cc1f22e7f182c5080bc873eaaa84b537_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:a3d23adb3b0c643fa16b91e71cc313c3908fff4ebf317568895b204b9416351f_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:a64195114c059e7f49dbb19fc08eb9fe4e92e63d4e2f99e54fb83eac9860cc0f_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:ae770ba7ca5e0d9789fc85370fb887df5102542ee6463ab36a413b37e383cf0d_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:c1e98be6cbae19587bc52539765b009809084eba765f364a236e890f48bd0049_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:c417b7b9097a7edaff2903769bff9ec275719f22acd1dfe0e812c26ae32a43f2_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:e313d9431a3a8b623fc928e1f12a445a00c334331841a210b6dc012e0fab108a_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:e97739f926c4fbf50b600b72d0e60964e18a79f0f12f40dd4f7752bfc580ab41_arm64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

References

8 references

URL	Category
https://access.redhat.com/errata/RHSA-2024:10770	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2325171	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2024-11079	self
https://bugzilla.redhat.com/show_bug.cgi?id=2325171	external
https://www.cve.org/CVERecord?id=CVE-2024-11079	external
https://nvd.nist.gov/vuln/detail/CVE-2024-11079	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat Ansible Automation Platform Execution Environments",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.\n\nSecurity Fix(es):\n* ansible-core: Unsafe Tagging Bypass via hostvars Object in Ansible-Core (CVE-2024-11079)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nUpdates and fixes:\n* ansible-core has been updated to 2.15.13 (ee-minimal 2.15 stream)\n* ansible-core has been updated to 2.16.14 (ee-minimal 2.16 stream)\n* ansible-core has been updated to 2.17.7 (ee-minimal 2.17 stream)\n* ansible-core has been updated to 2.18.1 (ee-minimal 2.18 stream)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:10770",
        "url": "https://access.redhat.com/errata/RHSA-2024:10770"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "2325171",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325171"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10770.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Ansible Automation Platform Execution Environments Container Release Update",
    "tracking": {
      "current_release_date": "2026-03-18T02:49:00+00:00",
      "generator": {
        "date": "2026-03-18T02:49:00+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.7.3"
        }
      },
      "id": "RHSA-2024:10770",
      "initial_release_date": "2024-12-03T22:38:04+00:00",
      "revision_history": [
        {
          "date": "2024-12-03T22:38:04+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-12-03T22:38:04+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-03-18T02:49:00+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Ansible Automation Platform Execution Environments",
                "product": {
                  "name": "Ansible Automation Platform Execution Environments",
                  "product_id": "8Base-ansible-automation-platform-ee",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:ansible_core:2::el8"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Ansible Automation Platform Execution Environments",
                "product": {
                  "name": "Ansible Automation Platform Execution Environments",
                  "product_id": "9Base-ansible-automation-platform-ee",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:ansible_core:2::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Ansible Automation Platform"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ansible-builder-rhel8@sha256:6b077737281691a1bfc90d1ae33fc30ce09a7c34240c1816aa2e678c0c0a91fa_amd64",
                "product": {
                  "name": "ansible-automation-platform/ansible-builder-rhel8@sha256:6b077737281691a1bfc90d1ae33fc30ce09a7c34240c1816aa2e678c0c0a91fa_amd64",
                  "product_id": "ansible-automation-platform/ansible-builder-rhel8@sha256:6b077737281691a1bfc90d1ae33fc30ce09a7c34240c1816aa2e678c0c0a91fa_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ansible-builder-rhel8@sha256:6b077737281691a1bfc90d1ae33fc30ce09a7c34240c1816aa2e678c0c0a91fa?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ansible-builder-rhel8\u0026tag=1.2.0-93"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ansible-builder-rhel9@sha256:006df4661ba4abe1c9166a696d5aed80ad2958b4fc0b675f13228c801585fe8d_amd64",
                "product": {
                  "name": "ansible-automation-platform/ansible-builder-rhel9@sha256:006df4661ba4abe1c9166a696d5aed80ad2958b4fc0b675f13228c801585fe8d_amd64",
                  "product_id": "ansible-automation-platform/ansible-builder-rhel9@sha256:006df4661ba4abe1c9166a696d5aed80ad2958b4fc0b675f13228c801585fe8d_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ansible-builder-rhel9@sha256:006df4661ba4abe1c9166a696d5aed80ad2958b4fc0b675f13228c801585fe8d?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ansible-builder-rhel9\u0026tag=3.0.1-108"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ansible-builder-rhel8@sha256:06bccba7cd23ceff5c03ea32d80099cd2a3ce68b9c03435936cb4d6cfff4974c_amd64",
                "product": {
                  "name": "ansible-automation-platform/ansible-builder-rhel8@sha256:06bccba7cd23ceff5c03ea32d80099cd2a3ce68b9c03435936cb4d6cfff4974c_amd64",
                  "product_id": "ansible-automation-platform/ansible-builder-rhel8@sha256:06bccba7cd23ceff5c03ea32d80099cd2a3ce68b9c03435936cb4d6cfff4974c_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ansible-builder-rhel8@sha256:06bccba7cd23ceff5c03ea32d80099cd2a3ce68b9c03435936cb4d6cfff4974c?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ansible-builder-rhel8\u0026tag=3.0.1-107"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-29-rhel8@sha256:03a835f116a9636bb4a03884b8686f6aa82a03374aa431ca02350dcbf40f5898_amd64",
                "product": {
                  "name": "ansible-automation-platform/ee-29-rhel8@sha256:03a835f116a9636bb4a03884b8686f6aa82a03374aa431ca02350dcbf40f5898_amd64",
                  "product_id": "ansible-automation-platform/ee-29-rhel8@sha256:03a835f116a9636bb4a03884b8686f6aa82a03374aa431ca02350dcbf40f5898_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-29-rhel8@sha256:03a835f116a9636bb4a03884b8686f6aa82a03374aa431ca02350dcbf40f5898?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-29-rhel8\u0026tag=2.9.27-34"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:6afae7906f7baccb28359493e832265d3f24f67fd4144246ddaf6e704512a8c2_amd64",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:6afae7906f7baccb28359493e832265d3f24f67fd4144246ddaf6e704512a8c2_amd64",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel8@sha256:6afae7906f7baccb28359493e832265d3f24f67fd4144246ddaf6e704512a8c2_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel8@sha256:6afae7906f7baccb28359493e832265d3f24f67fd4144246ddaf6e704512a8c2?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel8\u0026tag=2.17.7-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:5fe58177f6c0ae204c3943c34febfaa41cd553819beee08543e30c922835cbbc_amd64",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:5fe58177f6c0ae204c3943c34febfaa41cd553819beee08543e30c922835cbbc_amd64",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel9@sha256:5fe58177f6c0ae204c3943c34febfaa41cd553819beee08543e30c922835cbbc_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel9@sha256:5fe58177f6c0ae204c3943c34febfaa41cd553819beee08543e30c922835cbbc?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel9\u0026tag=2.18.1-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:8270a2afb90b991005c830c5fa989a260c0e313d6cb6eaa40ab3f2e8b7df6072_amd64",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:8270a2afb90b991005c830c5fa989a260c0e313d6cb6eaa40ab3f2e8b7df6072_amd64",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel9@sha256:8270a2afb90b991005c830c5fa989a260c0e313d6cb6eaa40ab3f2e8b7df6072_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel9@sha256:8270a2afb90b991005c830c5fa989a260c0e313d6cb6eaa40ab3f2e8b7df6072?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel9\u0026tag=2.17.7-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:ae770ba7ca5e0d9789fc85370fb887df5102542ee6463ab36a413b37e383cf0d_amd64",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:ae770ba7ca5e0d9789fc85370fb887df5102542ee6463ab36a413b37e383cf0d_amd64",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel9@sha256:ae770ba7ca5e0d9789fc85370fb887df5102542ee6463ab36a413b37e383cf0d_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel9@sha256:ae770ba7ca5e0d9789fc85370fb887df5102542ee6463ab36a413b37e383cf0d?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel9\u0026tag=2.15.13-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:5b411c45dec6c058ce918ebd9c37e1b9e6fbc9d3ec619b67cbfdf9c70d7033e5_amd64",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:5b411c45dec6c058ce918ebd9c37e1b9e6fbc9d3ec619b67cbfdf9c70d7033e5_amd64",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel8@sha256:5b411c45dec6c058ce918ebd9c37e1b9e6fbc9d3ec619b67cbfdf9c70d7033e5_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel8@sha256:5b411c45dec6c058ce918ebd9c37e1b9e6fbc9d3ec619b67cbfdf9c70d7033e5?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel8\u0026tag=2.18.1-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:bf21c17ba56785bd920f3e4ec869a790d12ca9876b70dcb2be6a3f5cbfda2966_amd64",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:bf21c17ba56785bd920f3e4ec869a790d12ca9876b70dcb2be6a3f5cbfda2966_amd64",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel8@sha256:bf21c17ba56785bd920f3e4ec869a790d12ca9876b70dcb2be6a3f5cbfda2966_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel8@sha256:bf21c17ba56785bd920f3e4ec869a790d12ca9876b70dcb2be6a3f5cbfda2966?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel8\u0026tag=2.14.13-23"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:9313194b84341535a96f02257389a759c8c31f2f3922f44c5c373380901d9432_amd64",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:9313194b84341535a96f02257389a759c8c31f2f3922f44c5c373380901d9432_amd64",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel8@sha256:9313194b84341535a96f02257389a759c8c31f2f3922f44c5c373380901d9432_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel8@sha256:9313194b84341535a96f02257389a759c8c31f2f3922f44c5c373380901d9432?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel8\u0026tag=2.13.10-36"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:db244d6b4f06ae97b9b15fe3071b7aab85daef71e5e92dc9d6459ce9903a37d2_amd64",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:db244d6b4f06ae97b9b15fe3071b7aab85daef71e5e92dc9d6459ce9903a37d2_amd64",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel8@sha256:db244d6b4f06ae97b9b15fe3071b7aab85daef71e5e92dc9d6459ce9903a37d2_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel8@sha256:db244d6b4f06ae97b9b15fe3071b7aab85daef71e5e92dc9d6459ce9903a37d2?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel8\u0026tag=2.16.14-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:5e98ecd8212d3ec46e2ae13e51e6c7f181718b0332a54351a229bcea4ddc63fe_amd64",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:5e98ecd8212d3ec46e2ae13e51e6c7f181718b0332a54351a229bcea4ddc63fe_amd64",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel8@sha256:5e98ecd8212d3ec46e2ae13e51e6c7f181718b0332a54351a229bcea4ddc63fe_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel8@sha256:5e98ecd8212d3ec46e2ae13e51e6c7f181718b0332a54351a229bcea4ddc63fe?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel8\u0026tag=2.12.10-56"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:8afa6b37476e2bba2a00b61ba9a48da9cc1f22e7f182c5080bc873eaaa84b537_amd64",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:8afa6b37476e2bba2a00b61ba9a48da9cc1f22e7f182c5080bc873eaaa84b537_amd64",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel9@sha256:8afa6b37476e2bba2a00b61ba9a48da9cc1f22e7f182c5080bc873eaaa84b537_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel9@sha256:8afa6b37476e2bba2a00b61ba9a48da9cc1f22e7f182c5080bc873eaaa84b537?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel9\u0026tag=2.16.14-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:0b6a08e245cc02b03f5ae0b6fb74ac8f9738c437b4de3fa9a2b3225a2e914fda_amd64",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:0b6a08e245cc02b03f5ae0b6fb74ac8f9738c437b4de3fa9a2b3225a2e914fda_amd64",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel8@sha256:0b6a08e245cc02b03f5ae0b6fb74ac8f9738c437b4de3fa9a2b3225a2e914fda_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel8@sha256:0b6a08e245cc02b03f5ae0b6fb74ac8f9738c437b4de3fa9a2b3225a2e914fda?arch=amd64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel8\u0026tag=2.15.13-3"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ansible-builder-rhel9@sha256:99e6443f9aacceff0df4131349e3fe89ece17a5ed1507bc1c74b9692d2853624_s390x",
                "product": {
                  "name": "ansible-automation-platform/ansible-builder-rhel9@sha256:99e6443f9aacceff0df4131349e3fe89ece17a5ed1507bc1c74b9692d2853624_s390x",
                  "product_id": "ansible-automation-platform/ansible-builder-rhel9@sha256:99e6443f9aacceff0df4131349e3fe89ece17a5ed1507bc1c74b9692d2853624_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ansible-builder-rhel9@sha256:99e6443f9aacceff0df4131349e3fe89ece17a5ed1507bc1c74b9692d2853624?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform/ansible-builder-rhel9\u0026tag=3.0.1-108"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ansible-builder-rhel8@sha256:d57bb670a115de96285e065ba0a4f2b67f752e8eec57e9b2f6371fbe3478972c_s390x",
                "product": {
                  "name": "ansible-automation-platform/ansible-builder-rhel8@sha256:d57bb670a115de96285e065ba0a4f2b67f752e8eec57e9b2f6371fbe3478972c_s390x",
                  "product_id": "ansible-automation-platform/ansible-builder-rhel8@sha256:d57bb670a115de96285e065ba0a4f2b67f752e8eec57e9b2f6371fbe3478972c_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ansible-builder-rhel8@sha256:d57bb670a115de96285e065ba0a4f2b67f752e8eec57e9b2f6371fbe3478972c?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform/ansible-builder-rhel8\u0026tag=3.0.1-107"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:50cf5bbb57c9dfa77b385132948ea68cb20212df7476c94cc7087324ecf77254_s390x",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:50cf5bbb57c9dfa77b385132948ea68cb20212df7476c94cc7087324ecf77254_s390x",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel8@sha256:50cf5bbb57c9dfa77b385132948ea68cb20212df7476c94cc7087324ecf77254_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel8@sha256:50cf5bbb57c9dfa77b385132948ea68cb20212df7476c94cc7087324ecf77254?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel8\u0026tag=2.17.7-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:c417b7b9097a7edaff2903769bff9ec275719f22acd1dfe0e812c26ae32a43f2_s390x",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:c417b7b9097a7edaff2903769bff9ec275719f22acd1dfe0e812c26ae32a43f2_s390x",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel9@sha256:c417b7b9097a7edaff2903769bff9ec275719f22acd1dfe0e812c26ae32a43f2_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel9@sha256:c417b7b9097a7edaff2903769bff9ec275719f22acd1dfe0e812c26ae32a43f2?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel9\u0026tag=2.18.1-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:a64195114c059e7f49dbb19fc08eb9fe4e92e63d4e2f99e54fb83eac9860cc0f_s390x",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:a64195114c059e7f49dbb19fc08eb9fe4e92e63d4e2f99e54fb83eac9860cc0f_s390x",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel9@sha256:a64195114c059e7f49dbb19fc08eb9fe4e92e63d4e2f99e54fb83eac9860cc0f_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel9@sha256:a64195114c059e7f49dbb19fc08eb9fe4e92e63d4e2f99e54fb83eac9860cc0f?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel9\u0026tag=2.17.7-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:a3d23adb3b0c643fa16b91e71cc313c3908fff4ebf317568895b204b9416351f_s390x",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:a3d23adb3b0c643fa16b91e71cc313c3908fff4ebf317568895b204b9416351f_s390x",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel9@sha256:a3d23adb3b0c643fa16b91e71cc313c3908fff4ebf317568895b204b9416351f_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel9@sha256:a3d23adb3b0c643fa16b91e71cc313c3908fff4ebf317568895b204b9416351f?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel9\u0026tag=2.15.13-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:44aae8b7c5fc7d0774962084a2943f567fbfdb740e31d1808be3da05a0c4049e_s390x",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:44aae8b7c5fc7d0774962084a2943f567fbfdb740e31d1808be3da05a0c4049e_s390x",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel8@sha256:44aae8b7c5fc7d0774962084a2943f567fbfdb740e31d1808be3da05a0c4049e_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel8@sha256:44aae8b7c5fc7d0774962084a2943f567fbfdb740e31d1808be3da05a0c4049e?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel8\u0026tag=2.18.1-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:39169c112d66b9e7e9438c5246d1b25b8cf894aafc2880923472ad5c24b5d546_s390x",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:39169c112d66b9e7e9438c5246d1b25b8cf894aafc2880923472ad5c24b5d546_s390x",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel8@sha256:39169c112d66b9e7e9438c5246d1b25b8cf894aafc2880923472ad5c24b5d546_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel8@sha256:39169c112d66b9e7e9438c5246d1b25b8cf894aafc2880923472ad5c24b5d546?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel8\u0026tag=2.16.14-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:2f763263c5252579c4106b6e8e7f030e092df6a24a4270c00084dd25939b3a04_s390x",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:2f763263c5252579c4106b6e8e7f030e092df6a24a4270c00084dd25939b3a04_s390x",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel9@sha256:2f763263c5252579c4106b6e8e7f030e092df6a24a4270c00084dd25939b3a04_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel9@sha256:2f763263c5252579c4106b6e8e7f030e092df6a24a4270c00084dd25939b3a04?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel9\u0026tag=2.16.14-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:4b746a01c9dbd0c5ad07f085aa8236bbc93d21e7f1f5b9c395b8988b7703a01a_s390x",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:4b746a01c9dbd0c5ad07f085aa8236bbc93d21e7f1f5b9c395b8988b7703a01a_s390x",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel8@sha256:4b746a01c9dbd0c5ad07f085aa8236bbc93d21e7f1f5b9c395b8988b7703a01a_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel8@sha256:4b746a01c9dbd0c5ad07f085aa8236bbc93d21e7f1f5b9c395b8988b7703a01a?arch=s390x\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel8\u0026tag=2.15.13-3"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ansible-builder-rhel9@sha256:1a8167f204602e8d31c4ff9a813a07840c72843dd7afa91dd52d511064550065_ppc64le",
                "product": {
                  "name": "ansible-automation-platform/ansible-builder-rhel9@sha256:1a8167f204602e8d31c4ff9a813a07840c72843dd7afa91dd52d511064550065_ppc64le",
                  "product_id": "ansible-automation-platform/ansible-builder-rhel9@sha256:1a8167f204602e8d31c4ff9a813a07840c72843dd7afa91dd52d511064550065_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ansible-builder-rhel9@sha256:1a8167f204602e8d31c4ff9a813a07840c72843dd7afa91dd52d511064550065?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform/ansible-builder-rhel9\u0026tag=3.0.1-108"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ansible-builder-rhel8@sha256:68a5232ec36bcd98049ca3d42fedf1a3c15667f260712c6e3e5b90c1877ebbce_ppc64le",
                "product": {
                  "name": "ansible-automation-platform/ansible-builder-rhel8@sha256:68a5232ec36bcd98049ca3d42fedf1a3c15667f260712c6e3e5b90c1877ebbce_ppc64le",
                  "product_id": "ansible-automation-platform/ansible-builder-rhel8@sha256:68a5232ec36bcd98049ca3d42fedf1a3c15667f260712c6e3e5b90c1877ebbce_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ansible-builder-rhel8@sha256:68a5232ec36bcd98049ca3d42fedf1a3c15667f260712c6e3e5b90c1877ebbce?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform/ansible-builder-rhel8\u0026tag=3.0.1-107"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:0a650301785be46f119a2080e7a09fefef893f611804a01b1304a28d98780fe0_ppc64le",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:0a650301785be46f119a2080e7a09fefef893f611804a01b1304a28d98780fe0_ppc64le",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel8@sha256:0a650301785be46f119a2080e7a09fefef893f611804a01b1304a28d98780fe0_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel8@sha256:0a650301785be46f119a2080e7a09fefef893f611804a01b1304a28d98780fe0?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel8\u0026tag=2.17.7-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:e313d9431a3a8b623fc928e1f12a445a00c334331841a210b6dc012e0fab108a_ppc64le",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:e313d9431a3a8b623fc928e1f12a445a00c334331841a210b6dc012e0fab108a_ppc64le",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel9@sha256:e313d9431a3a8b623fc928e1f12a445a00c334331841a210b6dc012e0fab108a_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel9@sha256:e313d9431a3a8b623fc928e1f12a445a00c334331841a210b6dc012e0fab108a?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel9\u0026tag=2.18.1-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:338dd71e8f2e5025e73e14ff97a936a9d74893add9358beb0497c7d041132352_ppc64le",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:338dd71e8f2e5025e73e14ff97a936a9d74893add9358beb0497c7d041132352_ppc64le",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel9@sha256:338dd71e8f2e5025e73e14ff97a936a9d74893add9358beb0497c7d041132352_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel9@sha256:338dd71e8f2e5025e73e14ff97a936a9d74893add9358beb0497c7d041132352?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel9\u0026tag=2.17.7-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:20b097862352178edce5ae8684e2ee441e8abdccdfe70aea26bc99b4817338bc_ppc64le",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:20b097862352178edce5ae8684e2ee441e8abdccdfe70aea26bc99b4817338bc_ppc64le",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel9@sha256:20b097862352178edce5ae8684e2ee441e8abdccdfe70aea26bc99b4817338bc_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel9@sha256:20b097862352178edce5ae8684e2ee441e8abdccdfe70aea26bc99b4817338bc?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel9\u0026tag=2.15.13-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:db222c5e5b1e8783a14fe65d7cc11bb6222da908a41b193cc6949fec7e0ec6c0_ppc64le",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:db222c5e5b1e8783a14fe65d7cc11bb6222da908a41b193cc6949fec7e0ec6c0_ppc64le",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel8@sha256:db222c5e5b1e8783a14fe65d7cc11bb6222da908a41b193cc6949fec7e0ec6c0_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel8@sha256:db222c5e5b1e8783a14fe65d7cc11bb6222da908a41b193cc6949fec7e0ec6c0?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel8\u0026tag=2.18.1-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:e45a1b593ec7ae0808cc3d249696b5a5e16382dcd4294a6d969000c49848f34c_ppc64le",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:e45a1b593ec7ae0808cc3d249696b5a5e16382dcd4294a6d969000c49848f34c_ppc64le",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel8@sha256:e45a1b593ec7ae0808cc3d249696b5a5e16382dcd4294a6d969000c49848f34c_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel8@sha256:e45a1b593ec7ae0808cc3d249696b5a5e16382dcd4294a6d969000c49848f34c?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel8\u0026tag=2.16.14-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:2e22d4c6a5cf8b66f4f2d55f8237f050b6611be0ab81dcf8de6bd4ed1af2882d_ppc64le",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:2e22d4c6a5cf8b66f4f2d55f8237f050b6611be0ab81dcf8de6bd4ed1af2882d_ppc64le",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel9@sha256:2e22d4c6a5cf8b66f4f2d55f8237f050b6611be0ab81dcf8de6bd4ed1af2882d_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel9@sha256:2e22d4c6a5cf8b66f4f2d55f8237f050b6611be0ab81dcf8de6bd4ed1af2882d?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel9\u0026tag=2.16.14-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:2946109032d00b8756175affc50fed01cc0bbcbc927a3fd2d5d846f825429b72_ppc64le",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:2946109032d00b8756175affc50fed01cc0bbcbc927a3fd2d5d846f825429b72_ppc64le",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel8@sha256:2946109032d00b8756175affc50fed01cc0bbcbc927a3fd2d5d846f825429b72_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel8@sha256:2946109032d00b8756175affc50fed01cc0bbcbc927a3fd2d5d846f825429b72?arch=ppc64le\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel8\u0026tag=2.15.13-3"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ansible-builder-rhel9@sha256:017b6d52de4f1a8e7574b86d5fda0671ed2b784be3cf6fc683348df1167d2af3_arm64",
                "product": {
                  "name": "ansible-automation-platform/ansible-builder-rhel9@sha256:017b6d52de4f1a8e7574b86d5fda0671ed2b784be3cf6fc683348df1167d2af3_arm64",
                  "product_id": "ansible-automation-platform/ansible-builder-rhel9@sha256:017b6d52de4f1a8e7574b86d5fda0671ed2b784be3cf6fc683348df1167d2af3_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ansible-builder-rhel9@sha256:017b6d52de4f1a8e7574b86d5fda0671ed2b784be3cf6fc683348df1167d2af3?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ansible-builder-rhel9\u0026tag=3.0.1-108"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ansible-builder-rhel8@sha256:a1988ba5bf65e42ac732e71b154323bf8df5fd25ce5a50b9dbaa1be370af62bb_arm64",
                "product": {
                  "name": "ansible-automation-platform/ansible-builder-rhel8@sha256:a1988ba5bf65e42ac732e71b154323bf8df5fd25ce5a50b9dbaa1be370af62bb_arm64",
                  "product_id": "ansible-automation-platform/ansible-builder-rhel8@sha256:a1988ba5bf65e42ac732e71b154323bf8df5fd25ce5a50b9dbaa1be370af62bb_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ansible-builder-rhel8@sha256:a1988ba5bf65e42ac732e71b154323bf8df5fd25ce5a50b9dbaa1be370af62bb?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ansible-builder-rhel8\u0026tag=3.0.1-107"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:9a792b2313c66057a1955809a845ff7fd6cbf5b8530d1b16e66c19843bf09fa3_arm64",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:9a792b2313c66057a1955809a845ff7fd6cbf5b8530d1b16e66c19843bf09fa3_arm64",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel8@sha256:9a792b2313c66057a1955809a845ff7fd6cbf5b8530d1b16e66c19843bf09fa3_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel8@sha256:9a792b2313c66057a1955809a845ff7fd6cbf5b8530d1b16e66c19843bf09fa3?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel8\u0026tag=2.17.7-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:6b522fdad0e2d3f6cc838f5dcf8ba4534c3e0037da3cb8e7886d63724f5b5b2a_arm64",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:6b522fdad0e2d3f6cc838f5dcf8ba4534c3e0037da3cb8e7886d63724f5b5b2a_arm64",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel9@sha256:6b522fdad0e2d3f6cc838f5dcf8ba4534c3e0037da3cb8e7886d63724f5b5b2a_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel9@sha256:6b522fdad0e2d3f6cc838f5dcf8ba4534c3e0037da3cb8e7886d63724f5b5b2a?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel9\u0026tag=2.18.1-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:c1e98be6cbae19587bc52539765b009809084eba765f364a236e890f48bd0049_arm64",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:c1e98be6cbae19587bc52539765b009809084eba765f364a236e890f48bd0049_arm64",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel9@sha256:c1e98be6cbae19587bc52539765b009809084eba765f364a236e890f48bd0049_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel9@sha256:c1e98be6cbae19587bc52539765b009809084eba765f364a236e890f48bd0049?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel9\u0026tag=2.17.7-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:13f3527db21116ccabc95a90487a711208613991a5f2877ef0e24ef14d53542c_arm64",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:13f3527db21116ccabc95a90487a711208613991a5f2877ef0e24ef14d53542c_arm64",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel9@sha256:13f3527db21116ccabc95a90487a711208613991a5f2877ef0e24ef14d53542c_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel9@sha256:13f3527db21116ccabc95a90487a711208613991a5f2877ef0e24ef14d53542c?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel9\u0026tag=2.15.13-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:0d26e5c3dfdddecd1fef6ed915b59e7f1269c199563d46c1f3dead813ec42499_arm64",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:0d26e5c3dfdddecd1fef6ed915b59e7f1269c199563d46c1f3dead813ec42499_arm64",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel8@sha256:0d26e5c3dfdddecd1fef6ed915b59e7f1269c199563d46c1f3dead813ec42499_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel8@sha256:0d26e5c3dfdddecd1fef6ed915b59e7f1269c199563d46c1f3dead813ec42499?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel8\u0026tag=2.18.1-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:b53ca6d71a7c8cc6ab889cc834d4cb5b3550545ef90c2a35b182eda11e4fab47_arm64",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:b53ca6d71a7c8cc6ab889cc834d4cb5b3550545ef90c2a35b182eda11e4fab47_arm64",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel8@sha256:b53ca6d71a7c8cc6ab889cc834d4cb5b3550545ef90c2a35b182eda11e4fab47_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel8@sha256:b53ca6d71a7c8cc6ab889cc834d4cb5b3550545ef90c2a35b182eda11e4fab47?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel8\u0026tag=2.16.14-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:e97739f926c4fbf50b600b72d0e60964e18a79f0f12f40dd4f7752bfc580ab41_arm64",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:e97739f926c4fbf50b600b72d0e60964e18a79f0f12f40dd4f7752bfc580ab41_arm64",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel9@sha256:e97739f926c4fbf50b600b72d0e60964e18a79f0f12f40dd4f7752bfc580ab41_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel9@sha256:e97739f926c4fbf50b600b72d0e60964e18a79f0f12f40dd4f7752bfc580ab41?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel9\u0026tag=2.16.14-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:3d39702e054b2fb712ace5cbc53d8b1619810240971e8046f5d0954e67c32880_arm64",
                "product": {
                  "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:3d39702e054b2fb712ace5cbc53d8b1619810240971e8046f5d0954e67c32880_arm64",
                  "product_id": "ansible-automation-platform/ee-minimal-rhel8@sha256:3d39702e054b2fb712ace5cbc53d8b1619810240971e8046f5d0954e67c32880_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ee-minimal-rhel8@sha256:3d39702e054b2fb712ace5cbc53d8b1619810240971e8046f5d0954e67c32880?arch=arm64\u0026repository_url=registry.redhat.io/ansible-automation-platform/ee-minimal-rhel8\u0026tag=2.15.13-3"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "arm64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ansible-builder-rhel8@sha256:06bccba7cd23ceff5c03ea32d80099cd2a3ce68b9c03435936cb4d6cfff4974c_amd64 as a component of Ansible Automation Platform Execution Environments",
          "product_id": "8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:06bccba7cd23ceff5c03ea32d80099cd2a3ce68b9c03435936cb4d6cfff4974c_amd64"
        },
        "product_reference": "ansible-automation-platform/ansible-builder-rhel8@sha256:06bccba7cd23ceff5c03ea32d80099cd2a3ce68b9c03435936cb4d6cfff4974c_amd64",
        "relates_to_product_reference": "8Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ansible-builder-rhel8@sha256:68a5232ec36bcd98049ca3d42fedf1a3c15667f260712c6e3e5b90c1877ebbce_ppc64le as a component of Ansible Automation Platform Execution Environments",
          "product_id": "8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:68a5232ec36bcd98049ca3d42fedf1a3c15667f260712c6e3e5b90c1877ebbce_ppc64le"
        },
        "product_reference": "ansible-automation-platform/ansible-builder-rhel8@sha256:68a5232ec36bcd98049ca3d42fedf1a3c15667f260712c6e3e5b90c1877ebbce_ppc64le",
        "relates_to_product_reference": "8Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ansible-builder-rhel8@sha256:6b077737281691a1bfc90d1ae33fc30ce09a7c34240c1816aa2e678c0c0a91fa_amd64 as a component of Ansible Automation Platform Execution Environments",
          "product_id": "8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:6b077737281691a1bfc90d1ae33fc30ce09a7c34240c1816aa2e678c0c0a91fa_amd64"
        },
        "product_reference": "ansible-automation-platform/ansible-builder-rhel8@sha256:6b077737281691a1bfc90d1ae33fc30ce09a7c34240c1816aa2e678c0c0a91fa_amd64",
        "relates_to_product_reference": "8Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ansible-builder-rhel8@sha256:a1988ba5bf65e42ac732e71b154323bf8df5fd25ce5a50b9dbaa1be370af62bb_arm64 as a component of Ansible Automation Platform Execution Environments",
          "product_id": "8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:a1988ba5bf65e42ac732e71b154323bf8df5fd25ce5a50b9dbaa1be370af62bb_arm64"
        },
        "product_reference": "ansible-automation-platform/ansible-builder-rhel8@sha256:a1988ba5bf65e42ac732e71b154323bf8df5fd25ce5a50b9dbaa1be370af62bb_arm64",
        "relates_to_product_reference": "8Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ansible-builder-rhel8@sha256:d57bb670a115de96285e065ba0a4f2b67f752e8eec57e9b2f6371fbe3478972c_s390x as a component of Ansible Automation Platform Execution Environments",
          "product_id": "8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:d57bb670a115de96285e065ba0a4f2b67f752e8eec57e9b2f6371fbe3478972c_s390x"
        },
        "product_reference": "ansible-automation-platform/ansible-builder-rhel8@sha256:d57bb670a115de96285e065ba0a4f2b67f752e8eec57e9b2f6371fbe3478972c_s390x",
        "relates_to_product_reference": "8Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-29-rhel8@sha256:03a835f116a9636bb4a03884b8686f6aa82a03374aa431ca02350dcbf40f5898_amd64 as a component of Ansible Automation Platform Execution Environments",
          "product_id": "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-29-rhel8@sha256:03a835f116a9636bb4a03884b8686f6aa82a03374aa431ca02350dcbf40f5898_amd64"
        },
        "product_reference": "ansible-automation-platform/ee-29-rhel8@sha256:03a835f116a9636bb4a03884b8686f6aa82a03374aa431ca02350dcbf40f5898_amd64",
        "relates_to_product_reference": "8Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:0a650301785be46f119a2080e7a09fefef893f611804a01b1304a28d98780fe0_ppc64le as a component of Ansible Automation Platform Execution Environments",
          "product_id": "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:0a650301785be46f119a2080e7a09fefef893f611804a01b1304a28d98780fe0_ppc64le"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel8@sha256:0a650301785be46f119a2080e7a09fefef893f611804a01b1304a28d98780fe0_ppc64le",
        "relates_to_product_reference": "8Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:0b6a08e245cc02b03f5ae0b6fb74ac8f9738c437b4de3fa9a2b3225a2e914fda_amd64 as a component of Ansible Automation Platform Execution Environments",
          "product_id": "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:0b6a08e245cc02b03f5ae0b6fb74ac8f9738c437b4de3fa9a2b3225a2e914fda_amd64"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel8@sha256:0b6a08e245cc02b03f5ae0b6fb74ac8f9738c437b4de3fa9a2b3225a2e914fda_amd64",
        "relates_to_product_reference": "8Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:0d26e5c3dfdddecd1fef6ed915b59e7f1269c199563d46c1f3dead813ec42499_arm64 as a component of Ansible Automation Platform Execution Environments",
          "product_id": "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:0d26e5c3dfdddecd1fef6ed915b59e7f1269c199563d46c1f3dead813ec42499_arm64"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel8@sha256:0d26e5c3dfdddecd1fef6ed915b59e7f1269c199563d46c1f3dead813ec42499_arm64",
        "relates_to_product_reference": "8Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:2946109032d00b8756175affc50fed01cc0bbcbc927a3fd2d5d846f825429b72_ppc64le as a component of Ansible Automation Platform Execution Environments",
          "product_id": "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:2946109032d00b8756175affc50fed01cc0bbcbc927a3fd2d5d846f825429b72_ppc64le"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel8@sha256:2946109032d00b8756175affc50fed01cc0bbcbc927a3fd2d5d846f825429b72_ppc64le",
        "relates_to_product_reference": "8Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:39169c112d66b9e7e9438c5246d1b25b8cf894aafc2880923472ad5c24b5d546_s390x as a component of Ansible Automation Platform Execution Environments",
          "product_id": "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:39169c112d66b9e7e9438c5246d1b25b8cf894aafc2880923472ad5c24b5d546_s390x"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel8@sha256:39169c112d66b9e7e9438c5246d1b25b8cf894aafc2880923472ad5c24b5d546_s390x",
        "relates_to_product_reference": "8Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:3d39702e054b2fb712ace5cbc53d8b1619810240971e8046f5d0954e67c32880_arm64 as a component of Ansible Automation Platform Execution Environments",
          "product_id": "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:3d39702e054b2fb712ace5cbc53d8b1619810240971e8046f5d0954e67c32880_arm64"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel8@sha256:3d39702e054b2fb712ace5cbc53d8b1619810240971e8046f5d0954e67c32880_arm64",
        "relates_to_product_reference": "8Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:44aae8b7c5fc7d0774962084a2943f567fbfdb740e31d1808be3da05a0c4049e_s390x as a component of Ansible Automation Platform Execution Environments",
          "product_id": "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:44aae8b7c5fc7d0774962084a2943f567fbfdb740e31d1808be3da05a0c4049e_s390x"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel8@sha256:44aae8b7c5fc7d0774962084a2943f567fbfdb740e31d1808be3da05a0c4049e_s390x",
        "relates_to_product_reference": "8Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:4b746a01c9dbd0c5ad07f085aa8236bbc93d21e7f1f5b9c395b8988b7703a01a_s390x as a component of Ansible Automation Platform Execution Environments",
          "product_id": "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:4b746a01c9dbd0c5ad07f085aa8236bbc93d21e7f1f5b9c395b8988b7703a01a_s390x"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel8@sha256:4b746a01c9dbd0c5ad07f085aa8236bbc93d21e7f1f5b9c395b8988b7703a01a_s390x",
        "relates_to_product_reference": "8Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:50cf5bbb57c9dfa77b385132948ea68cb20212df7476c94cc7087324ecf77254_s390x as a component of Ansible Automation Platform Execution Environments",
          "product_id": "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:50cf5bbb57c9dfa77b385132948ea68cb20212df7476c94cc7087324ecf77254_s390x"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel8@sha256:50cf5bbb57c9dfa77b385132948ea68cb20212df7476c94cc7087324ecf77254_s390x",
        "relates_to_product_reference": "8Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:5b411c45dec6c058ce918ebd9c37e1b9e6fbc9d3ec619b67cbfdf9c70d7033e5_amd64 as a component of Ansible Automation Platform Execution Environments",
          "product_id": "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:5b411c45dec6c058ce918ebd9c37e1b9e6fbc9d3ec619b67cbfdf9c70d7033e5_amd64"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel8@sha256:5b411c45dec6c058ce918ebd9c37e1b9e6fbc9d3ec619b67cbfdf9c70d7033e5_amd64",
        "relates_to_product_reference": "8Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:5e98ecd8212d3ec46e2ae13e51e6c7f181718b0332a54351a229bcea4ddc63fe_amd64 as a component of Ansible Automation Platform Execution Environments",
          "product_id": "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:5e98ecd8212d3ec46e2ae13e51e6c7f181718b0332a54351a229bcea4ddc63fe_amd64"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel8@sha256:5e98ecd8212d3ec46e2ae13e51e6c7f181718b0332a54351a229bcea4ddc63fe_amd64",
        "relates_to_product_reference": "8Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:6afae7906f7baccb28359493e832265d3f24f67fd4144246ddaf6e704512a8c2_amd64 as a component of Ansible Automation Platform Execution Environments",
          "product_id": "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:6afae7906f7baccb28359493e832265d3f24f67fd4144246ddaf6e704512a8c2_amd64"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel8@sha256:6afae7906f7baccb28359493e832265d3f24f67fd4144246ddaf6e704512a8c2_amd64",
        "relates_to_product_reference": "8Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:9313194b84341535a96f02257389a759c8c31f2f3922f44c5c373380901d9432_amd64 as a component of Ansible Automation Platform Execution Environments",
          "product_id": "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:9313194b84341535a96f02257389a759c8c31f2f3922f44c5c373380901d9432_amd64"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel8@sha256:9313194b84341535a96f02257389a759c8c31f2f3922f44c5c373380901d9432_amd64",
        "relates_to_product_reference": "8Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:9a792b2313c66057a1955809a845ff7fd6cbf5b8530d1b16e66c19843bf09fa3_arm64 as a component of Ansible Automation Platform Execution Environments",
          "product_id": "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:9a792b2313c66057a1955809a845ff7fd6cbf5b8530d1b16e66c19843bf09fa3_arm64"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel8@sha256:9a792b2313c66057a1955809a845ff7fd6cbf5b8530d1b16e66c19843bf09fa3_arm64",
        "relates_to_product_reference": "8Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:b53ca6d71a7c8cc6ab889cc834d4cb5b3550545ef90c2a35b182eda11e4fab47_arm64 as a component of Ansible Automation Platform Execution Environments",
          "product_id": "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:b53ca6d71a7c8cc6ab889cc834d4cb5b3550545ef90c2a35b182eda11e4fab47_arm64"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel8@sha256:b53ca6d71a7c8cc6ab889cc834d4cb5b3550545ef90c2a35b182eda11e4fab47_arm64",
        "relates_to_product_reference": "8Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:bf21c17ba56785bd920f3e4ec869a790d12ca9876b70dcb2be6a3f5cbfda2966_amd64 as a component of Ansible Automation Platform Execution Environments",
          "product_id": "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:bf21c17ba56785bd920f3e4ec869a790d12ca9876b70dcb2be6a3f5cbfda2966_amd64"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel8@sha256:bf21c17ba56785bd920f3e4ec869a790d12ca9876b70dcb2be6a3f5cbfda2966_amd64",
        "relates_to_product_reference": "8Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:db222c5e5b1e8783a14fe65d7cc11bb6222da908a41b193cc6949fec7e0ec6c0_ppc64le as a component of Ansible Automation Platform Execution Environments",
          "product_id": "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:db222c5e5b1e8783a14fe65d7cc11bb6222da908a41b193cc6949fec7e0ec6c0_ppc64le"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel8@sha256:db222c5e5b1e8783a14fe65d7cc11bb6222da908a41b193cc6949fec7e0ec6c0_ppc64le",
        "relates_to_product_reference": "8Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:db244d6b4f06ae97b9b15fe3071b7aab85daef71e5e92dc9d6459ce9903a37d2_amd64 as a component of Ansible Automation Platform Execution Environments",
          "product_id": "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:db244d6b4f06ae97b9b15fe3071b7aab85daef71e5e92dc9d6459ce9903a37d2_amd64"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel8@sha256:db244d6b4f06ae97b9b15fe3071b7aab85daef71e5e92dc9d6459ce9903a37d2_amd64",
        "relates_to_product_reference": "8Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel8@sha256:e45a1b593ec7ae0808cc3d249696b5a5e16382dcd4294a6d969000c49848f34c_ppc64le as a component of Ansible Automation Platform Execution Environments",
          "product_id": "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:e45a1b593ec7ae0808cc3d249696b5a5e16382dcd4294a6d969000c49848f34c_ppc64le"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel8@sha256:e45a1b593ec7ae0808cc3d249696b5a5e16382dcd4294a6d969000c49848f34c_ppc64le",
        "relates_to_product_reference": "8Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ansible-builder-rhel9@sha256:006df4661ba4abe1c9166a696d5aed80ad2958b4fc0b675f13228c801585fe8d_amd64 as a component of Ansible Automation Platform Execution Environments",
          "product_id": "9Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel9@sha256:006df4661ba4abe1c9166a696d5aed80ad2958b4fc0b675f13228c801585fe8d_amd64"
        },
        "product_reference": "ansible-automation-platform/ansible-builder-rhel9@sha256:006df4661ba4abe1c9166a696d5aed80ad2958b4fc0b675f13228c801585fe8d_amd64",
        "relates_to_product_reference": "9Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ansible-builder-rhel9@sha256:017b6d52de4f1a8e7574b86d5fda0671ed2b784be3cf6fc683348df1167d2af3_arm64 as a component of Ansible Automation Platform Execution Environments",
          "product_id": "9Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel9@sha256:017b6d52de4f1a8e7574b86d5fda0671ed2b784be3cf6fc683348df1167d2af3_arm64"
        },
        "product_reference": "ansible-automation-platform/ansible-builder-rhel9@sha256:017b6d52de4f1a8e7574b86d5fda0671ed2b784be3cf6fc683348df1167d2af3_arm64",
        "relates_to_product_reference": "9Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ansible-builder-rhel9@sha256:1a8167f204602e8d31c4ff9a813a07840c72843dd7afa91dd52d511064550065_ppc64le as a component of Ansible Automation Platform Execution Environments",
          "product_id": "9Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel9@sha256:1a8167f204602e8d31c4ff9a813a07840c72843dd7afa91dd52d511064550065_ppc64le"
        },
        "product_reference": "ansible-automation-platform/ansible-builder-rhel9@sha256:1a8167f204602e8d31c4ff9a813a07840c72843dd7afa91dd52d511064550065_ppc64le",
        "relates_to_product_reference": "9Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ansible-builder-rhel9@sha256:99e6443f9aacceff0df4131349e3fe89ece17a5ed1507bc1c74b9692d2853624_s390x as a component of Ansible Automation Platform Execution Environments",
          "product_id": "9Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel9@sha256:99e6443f9aacceff0df4131349e3fe89ece17a5ed1507bc1c74b9692d2853624_s390x"
        },
        "product_reference": "ansible-automation-platform/ansible-builder-rhel9@sha256:99e6443f9aacceff0df4131349e3fe89ece17a5ed1507bc1c74b9692d2853624_s390x",
        "relates_to_product_reference": "9Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:13f3527db21116ccabc95a90487a711208613991a5f2877ef0e24ef14d53542c_arm64 as a component of Ansible Automation Platform Execution Environments",
          "product_id": "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:13f3527db21116ccabc95a90487a711208613991a5f2877ef0e24ef14d53542c_arm64"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel9@sha256:13f3527db21116ccabc95a90487a711208613991a5f2877ef0e24ef14d53542c_arm64",
        "relates_to_product_reference": "9Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:20b097862352178edce5ae8684e2ee441e8abdccdfe70aea26bc99b4817338bc_ppc64le as a component of Ansible Automation Platform Execution Environments",
          "product_id": "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:20b097862352178edce5ae8684e2ee441e8abdccdfe70aea26bc99b4817338bc_ppc64le"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel9@sha256:20b097862352178edce5ae8684e2ee441e8abdccdfe70aea26bc99b4817338bc_ppc64le",
        "relates_to_product_reference": "9Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:2e22d4c6a5cf8b66f4f2d55f8237f050b6611be0ab81dcf8de6bd4ed1af2882d_ppc64le as a component of Ansible Automation Platform Execution Environments",
          "product_id": "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:2e22d4c6a5cf8b66f4f2d55f8237f050b6611be0ab81dcf8de6bd4ed1af2882d_ppc64le"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel9@sha256:2e22d4c6a5cf8b66f4f2d55f8237f050b6611be0ab81dcf8de6bd4ed1af2882d_ppc64le",
        "relates_to_product_reference": "9Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:2f763263c5252579c4106b6e8e7f030e092df6a24a4270c00084dd25939b3a04_s390x as a component of Ansible Automation Platform Execution Environments",
          "product_id": "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:2f763263c5252579c4106b6e8e7f030e092df6a24a4270c00084dd25939b3a04_s390x"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel9@sha256:2f763263c5252579c4106b6e8e7f030e092df6a24a4270c00084dd25939b3a04_s390x",
        "relates_to_product_reference": "9Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:338dd71e8f2e5025e73e14ff97a936a9d74893add9358beb0497c7d041132352_ppc64le as a component of Ansible Automation Platform Execution Environments",
          "product_id": "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:338dd71e8f2e5025e73e14ff97a936a9d74893add9358beb0497c7d041132352_ppc64le"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel9@sha256:338dd71e8f2e5025e73e14ff97a936a9d74893add9358beb0497c7d041132352_ppc64le",
        "relates_to_product_reference": "9Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:5fe58177f6c0ae204c3943c34febfaa41cd553819beee08543e30c922835cbbc_amd64 as a component of Ansible Automation Platform Execution Environments",
          "product_id": "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:5fe58177f6c0ae204c3943c34febfaa41cd553819beee08543e30c922835cbbc_amd64"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel9@sha256:5fe58177f6c0ae204c3943c34febfaa41cd553819beee08543e30c922835cbbc_amd64",
        "relates_to_product_reference": "9Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:6b522fdad0e2d3f6cc838f5dcf8ba4534c3e0037da3cb8e7886d63724f5b5b2a_arm64 as a component of Ansible Automation Platform Execution Environments",
          "product_id": "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:6b522fdad0e2d3f6cc838f5dcf8ba4534c3e0037da3cb8e7886d63724f5b5b2a_arm64"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel9@sha256:6b522fdad0e2d3f6cc838f5dcf8ba4534c3e0037da3cb8e7886d63724f5b5b2a_arm64",
        "relates_to_product_reference": "9Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:8270a2afb90b991005c830c5fa989a260c0e313d6cb6eaa40ab3f2e8b7df6072_amd64 as a component of Ansible Automation Platform Execution Environments",
          "product_id": "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:8270a2afb90b991005c830c5fa989a260c0e313d6cb6eaa40ab3f2e8b7df6072_amd64"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel9@sha256:8270a2afb90b991005c830c5fa989a260c0e313d6cb6eaa40ab3f2e8b7df6072_amd64",
        "relates_to_product_reference": "9Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:8afa6b37476e2bba2a00b61ba9a48da9cc1f22e7f182c5080bc873eaaa84b537_amd64 as a component of Ansible Automation Platform Execution Environments",
          "product_id": "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:8afa6b37476e2bba2a00b61ba9a48da9cc1f22e7f182c5080bc873eaaa84b537_amd64"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel9@sha256:8afa6b37476e2bba2a00b61ba9a48da9cc1f22e7f182c5080bc873eaaa84b537_amd64",
        "relates_to_product_reference": "9Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:a3d23adb3b0c643fa16b91e71cc313c3908fff4ebf317568895b204b9416351f_s390x as a component of Ansible Automation Platform Execution Environments",
          "product_id": "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:a3d23adb3b0c643fa16b91e71cc313c3908fff4ebf317568895b204b9416351f_s390x"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel9@sha256:a3d23adb3b0c643fa16b91e71cc313c3908fff4ebf317568895b204b9416351f_s390x",
        "relates_to_product_reference": "9Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:a64195114c059e7f49dbb19fc08eb9fe4e92e63d4e2f99e54fb83eac9860cc0f_s390x as a component of Ansible Automation Platform Execution Environments",
          "product_id": "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:a64195114c059e7f49dbb19fc08eb9fe4e92e63d4e2f99e54fb83eac9860cc0f_s390x"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel9@sha256:a64195114c059e7f49dbb19fc08eb9fe4e92e63d4e2f99e54fb83eac9860cc0f_s390x",
        "relates_to_product_reference": "9Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:ae770ba7ca5e0d9789fc85370fb887df5102542ee6463ab36a413b37e383cf0d_amd64 as a component of Ansible Automation Platform Execution Environments",
          "product_id": "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:ae770ba7ca5e0d9789fc85370fb887df5102542ee6463ab36a413b37e383cf0d_amd64"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel9@sha256:ae770ba7ca5e0d9789fc85370fb887df5102542ee6463ab36a413b37e383cf0d_amd64",
        "relates_to_product_reference": "9Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:c1e98be6cbae19587bc52539765b009809084eba765f364a236e890f48bd0049_arm64 as a component of Ansible Automation Platform Execution Environments",
          "product_id": "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:c1e98be6cbae19587bc52539765b009809084eba765f364a236e890f48bd0049_arm64"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel9@sha256:c1e98be6cbae19587bc52539765b009809084eba765f364a236e890f48bd0049_arm64",
        "relates_to_product_reference": "9Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:c417b7b9097a7edaff2903769bff9ec275719f22acd1dfe0e812c26ae32a43f2_s390x as a component of Ansible Automation Platform Execution Environments",
          "product_id": "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:c417b7b9097a7edaff2903769bff9ec275719f22acd1dfe0e812c26ae32a43f2_s390x"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel9@sha256:c417b7b9097a7edaff2903769bff9ec275719f22acd1dfe0e812c26ae32a43f2_s390x",
        "relates_to_product_reference": "9Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:e313d9431a3a8b623fc928e1f12a445a00c334331841a210b6dc012e0fab108a_ppc64le as a component of Ansible Automation Platform Execution Environments",
          "product_id": "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:e313d9431a3a8b623fc928e1f12a445a00c334331841a210b6dc012e0fab108a_ppc64le"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel9@sha256:e313d9431a3a8b623fc928e1f12a445a00c334331841a210b6dc012e0fab108a_ppc64le",
        "relates_to_product_reference": "9Base-ansible-automation-platform-ee"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform/ee-minimal-rhel9@sha256:e97739f926c4fbf50b600b72d0e60964e18a79f0f12f40dd4f7752bfc580ab41_arm64 as a component of Ansible Automation Platform Execution Environments",
          "product_id": "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:e97739f926c4fbf50b600b72d0e60964e18a79f0f12f40dd4f7752bfc580ab41_arm64"
        },
        "product_reference": "ansible-automation-platform/ee-minimal-rhel9@sha256:e97739f926c4fbf50b600b72d0e60964e18a79f0f12f40dd4f7752bfc580ab41_arm64",
        "relates_to_product_reference": "9Base-ansible-automation-platform-ee"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-11079",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2024-11-11T11:43:42.603000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2325171"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playbooks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "ansible-core: Unsafe Tagging Bypass via hostvars Object in Ansible-Core",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:06bccba7cd23ceff5c03ea32d80099cd2a3ce68b9c03435936cb4d6cfff4974c_amd64",
          "8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:68a5232ec36bcd98049ca3d42fedf1a3c15667f260712c6e3e5b90c1877ebbce_ppc64le",
          "8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:6b077737281691a1bfc90d1ae33fc30ce09a7c34240c1816aa2e678c0c0a91fa_amd64",
          "8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:a1988ba5bf65e42ac732e71b154323bf8df5fd25ce5a50b9dbaa1be370af62bb_arm64",
          "8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:d57bb670a115de96285e065ba0a4f2b67f752e8eec57e9b2f6371fbe3478972c_s390x",
          "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-29-rhel8@sha256:03a835f116a9636bb4a03884b8686f6aa82a03374aa431ca02350dcbf40f5898_amd64",
          "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:0a650301785be46f119a2080e7a09fefef893f611804a01b1304a28d98780fe0_ppc64le",
          "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:0b6a08e245cc02b03f5ae0b6fb74ac8f9738c437b4de3fa9a2b3225a2e914fda_amd64",
          "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:0d26e5c3dfdddecd1fef6ed915b59e7f1269c199563d46c1f3dead813ec42499_arm64",
          "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:2946109032d00b8756175affc50fed01cc0bbcbc927a3fd2d5d846f825429b72_ppc64le",
          "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:39169c112d66b9e7e9438c5246d1b25b8cf894aafc2880923472ad5c24b5d546_s390x",
          "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:3d39702e054b2fb712ace5cbc53d8b1619810240971e8046f5d0954e67c32880_arm64",
          "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:44aae8b7c5fc7d0774962084a2943f567fbfdb740e31d1808be3da05a0c4049e_s390x",
          "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:4b746a01c9dbd0c5ad07f085aa8236bbc93d21e7f1f5b9c395b8988b7703a01a_s390x",
          "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:50cf5bbb57c9dfa77b385132948ea68cb20212df7476c94cc7087324ecf77254_s390x",
          "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:5b411c45dec6c058ce918ebd9c37e1b9e6fbc9d3ec619b67cbfdf9c70d7033e5_amd64",
          "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:5e98ecd8212d3ec46e2ae13e51e6c7f181718b0332a54351a229bcea4ddc63fe_amd64",
          "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:6afae7906f7baccb28359493e832265d3f24f67fd4144246ddaf6e704512a8c2_amd64",
          "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:9313194b84341535a96f02257389a759c8c31f2f3922f44c5c373380901d9432_amd64",
          "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:9a792b2313c66057a1955809a845ff7fd6cbf5b8530d1b16e66c19843bf09fa3_arm64",
          "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:b53ca6d71a7c8cc6ab889cc834d4cb5b3550545ef90c2a35b182eda11e4fab47_arm64",
          "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:bf21c17ba56785bd920f3e4ec869a790d12ca9876b70dcb2be6a3f5cbfda2966_amd64",
          "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:db222c5e5b1e8783a14fe65d7cc11bb6222da908a41b193cc6949fec7e0ec6c0_ppc64le",
          "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:db244d6b4f06ae97b9b15fe3071b7aab85daef71e5e92dc9d6459ce9903a37d2_amd64",
          "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:e45a1b593ec7ae0808cc3d249696b5a5e16382dcd4294a6d969000c49848f34c_ppc64le",
          "9Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel9@sha256:006df4661ba4abe1c9166a696d5aed80ad2958b4fc0b675f13228c801585fe8d_amd64",
          "9Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel9@sha256:017b6d52de4f1a8e7574b86d5fda0671ed2b784be3cf6fc683348df1167d2af3_arm64",
          "9Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel9@sha256:1a8167f204602e8d31c4ff9a813a07840c72843dd7afa91dd52d511064550065_ppc64le",
          "9Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel9@sha256:99e6443f9aacceff0df4131349e3fe89ece17a5ed1507bc1c74b9692d2853624_s390x",
          "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:13f3527db21116ccabc95a90487a711208613991a5f2877ef0e24ef14d53542c_arm64",
          "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:20b097862352178edce5ae8684e2ee441e8abdccdfe70aea26bc99b4817338bc_ppc64le",
          "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:2e22d4c6a5cf8b66f4f2d55f8237f050b6611be0ab81dcf8de6bd4ed1af2882d_ppc64le",
          "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:2f763263c5252579c4106b6e8e7f030e092df6a24a4270c00084dd25939b3a04_s390x",
          "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:338dd71e8f2e5025e73e14ff97a936a9d74893add9358beb0497c7d041132352_ppc64le",
          "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:5fe58177f6c0ae204c3943c34febfaa41cd553819beee08543e30c922835cbbc_amd64",
          "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:6b522fdad0e2d3f6cc838f5dcf8ba4534c3e0037da3cb8e7886d63724f5b5b2a_arm64",
          "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:8270a2afb90b991005c830c5fa989a260c0e313d6cb6eaa40ab3f2e8b7df6072_amd64",
          "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:8afa6b37476e2bba2a00b61ba9a48da9cc1f22e7f182c5080bc873eaaa84b537_amd64",
          "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:a3d23adb3b0c643fa16b91e71cc313c3908fff4ebf317568895b204b9416351f_s390x",
          "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:a64195114c059e7f49dbb19fc08eb9fe4e92e63d4e2f99e54fb83eac9860cc0f_s390x",
          "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:ae770ba7ca5e0d9789fc85370fb887df5102542ee6463ab36a413b37e383cf0d_amd64",
          "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:c1e98be6cbae19587bc52539765b009809084eba765f364a236e890f48bd0049_arm64",
          "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:c417b7b9097a7edaff2903769bff9ec275719f22acd1dfe0e812c26ae32a43f2_s390x",
          "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:e313d9431a3a8b623fc928e1f12a445a00c334331841a210b6dc012e0fab108a_ppc64le",
          "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:e97739f926c4fbf50b600b72d0e60964e18a79f0f12f40dd4f7752bfc580ab41_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-11079"
        },
        {
          "category": "external",
          "summary": "RHBZ#2325171",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325171"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-11079",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-11079"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-11079",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11079"
        }
      ],
      "release_date": "2024-11-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-12-03T22:38:04+00:00",
          "details": "Red Hat Ansible Automation Platform Execution Environments",
          "product_ids": [
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:06bccba7cd23ceff5c03ea32d80099cd2a3ce68b9c03435936cb4d6cfff4974c_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:68a5232ec36bcd98049ca3d42fedf1a3c15667f260712c6e3e5b90c1877ebbce_ppc64le",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:6b077737281691a1bfc90d1ae33fc30ce09a7c34240c1816aa2e678c0c0a91fa_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:a1988ba5bf65e42ac732e71b154323bf8df5fd25ce5a50b9dbaa1be370af62bb_arm64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:d57bb670a115de96285e065ba0a4f2b67f752e8eec57e9b2f6371fbe3478972c_s390x",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-29-rhel8@sha256:03a835f116a9636bb4a03884b8686f6aa82a03374aa431ca02350dcbf40f5898_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:0a650301785be46f119a2080e7a09fefef893f611804a01b1304a28d98780fe0_ppc64le",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:0b6a08e245cc02b03f5ae0b6fb74ac8f9738c437b4de3fa9a2b3225a2e914fda_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:0d26e5c3dfdddecd1fef6ed915b59e7f1269c199563d46c1f3dead813ec42499_arm64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:2946109032d00b8756175affc50fed01cc0bbcbc927a3fd2d5d846f825429b72_ppc64le",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:39169c112d66b9e7e9438c5246d1b25b8cf894aafc2880923472ad5c24b5d546_s390x",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:3d39702e054b2fb712ace5cbc53d8b1619810240971e8046f5d0954e67c32880_arm64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:44aae8b7c5fc7d0774962084a2943f567fbfdb740e31d1808be3da05a0c4049e_s390x",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:4b746a01c9dbd0c5ad07f085aa8236bbc93d21e7f1f5b9c395b8988b7703a01a_s390x",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:50cf5bbb57c9dfa77b385132948ea68cb20212df7476c94cc7087324ecf77254_s390x",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:5b411c45dec6c058ce918ebd9c37e1b9e6fbc9d3ec619b67cbfdf9c70d7033e5_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:5e98ecd8212d3ec46e2ae13e51e6c7f181718b0332a54351a229bcea4ddc63fe_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:6afae7906f7baccb28359493e832265d3f24f67fd4144246ddaf6e704512a8c2_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:9313194b84341535a96f02257389a759c8c31f2f3922f44c5c373380901d9432_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:9a792b2313c66057a1955809a845ff7fd6cbf5b8530d1b16e66c19843bf09fa3_arm64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:b53ca6d71a7c8cc6ab889cc834d4cb5b3550545ef90c2a35b182eda11e4fab47_arm64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:bf21c17ba56785bd920f3e4ec869a790d12ca9876b70dcb2be6a3f5cbfda2966_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:db222c5e5b1e8783a14fe65d7cc11bb6222da908a41b193cc6949fec7e0ec6c0_ppc64le",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:db244d6b4f06ae97b9b15fe3071b7aab85daef71e5e92dc9d6459ce9903a37d2_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:e45a1b593ec7ae0808cc3d249696b5a5e16382dcd4294a6d969000c49848f34c_ppc64le",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel9@sha256:006df4661ba4abe1c9166a696d5aed80ad2958b4fc0b675f13228c801585fe8d_amd64",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel9@sha256:017b6d52de4f1a8e7574b86d5fda0671ed2b784be3cf6fc683348df1167d2af3_arm64",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel9@sha256:1a8167f204602e8d31c4ff9a813a07840c72843dd7afa91dd52d511064550065_ppc64le",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel9@sha256:99e6443f9aacceff0df4131349e3fe89ece17a5ed1507bc1c74b9692d2853624_s390x",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:13f3527db21116ccabc95a90487a711208613991a5f2877ef0e24ef14d53542c_arm64",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:20b097862352178edce5ae8684e2ee441e8abdccdfe70aea26bc99b4817338bc_ppc64le",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:2e22d4c6a5cf8b66f4f2d55f8237f050b6611be0ab81dcf8de6bd4ed1af2882d_ppc64le",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:2f763263c5252579c4106b6e8e7f030e092df6a24a4270c00084dd25939b3a04_s390x",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:338dd71e8f2e5025e73e14ff97a936a9d74893add9358beb0497c7d041132352_ppc64le",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:5fe58177f6c0ae204c3943c34febfaa41cd553819beee08543e30c922835cbbc_amd64",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:6b522fdad0e2d3f6cc838f5dcf8ba4534c3e0037da3cb8e7886d63724f5b5b2a_arm64",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:8270a2afb90b991005c830c5fa989a260c0e313d6cb6eaa40ab3f2e8b7df6072_amd64",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:8afa6b37476e2bba2a00b61ba9a48da9cc1f22e7f182c5080bc873eaaa84b537_amd64",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:a3d23adb3b0c643fa16b91e71cc313c3908fff4ebf317568895b204b9416351f_s390x",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:a64195114c059e7f49dbb19fc08eb9fe4e92e63d4e2f99e54fb83eac9860cc0f_s390x",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:ae770ba7ca5e0d9789fc85370fb887df5102542ee6463ab36a413b37e383cf0d_amd64",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:c1e98be6cbae19587bc52539765b009809084eba765f364a236e890f48bd0049_arm64",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:c417b7b9097a7edaff2903769bff9ec275719f22acd1dfe0e812c26ae32a43f2_s390x",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:e313d9431a3a8b623fc928e1f12a445a00c334331841a210b6dc012e0fab108a_ppc64le",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:e97739f926c4fbf50b600b72d0e60964e18a79f0f12f40dd4f7752bfc580ab41_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:10770"
        },
        {
          "category": "workaround",
          "details": "To mitigate this vulnerability, avoid using the hostvars object to reference content marked as !unsafe. Ensure that all remote data from modules or lookups is properly sanitized and validated before use in playbooks. Additionally, restrict access to inventory files and Ansible playbooks to trusted users to minimize exploitation risks.",
          "product_ids": [
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:06bccba7cd23ceff5c03ea32d80099cd2a3ce68b9c03435936cb4d6cfff4974c_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:68a5232ec36bcd98049ca3d42fedf1a3c15667f260712c6e3e5b90c1877ebbce_ppc64le",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:6b077737281691a1bfc90d1ae33fc30ce09a7c34240c1816aa2e678c0c0a91fa_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:a1988ba5bf65e42ac732e71b154323bf8df5fd25ce5a50b9dbaa1be370af62bb_arm64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:d57bb670a115de96285e065ba0a4f2b67f752e8eec57e9b2f6371fbe3478972c_s390x",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-29-rhel8@sha256:03a835f116a9636bb4a03884b8686f6aa82a03374aa431ca02350dcbf40f5898_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:0a650301785be46f119a2080e7a09fefef893f611804a01b1304a28d98780fe0_ppc64le",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:0b6a08e245cc02b03f5ae0b6fb74ac8f9738c437b4de3fa9a2b3225a2e914fda_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:0d26e5c3dfdddecd1fef6ed915b59e7f1269c199563d46c1f3dead813ec42499_arm64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:2946109032d00b8756175affc50fed01cc0bbcbc927a3fd2d5d846f825429b72_ppc64le",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:39169c112d66b9e7e9438c5246d1b25b8cf894aafc2880923472ad5c24b5d546_s390x",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:3d39702e054b2fb712ace5cbc53d8b1619810240971e8046f5d0954e67c32880_arm64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:44aae8b7c5fc7d0774962084a2943f567fbfdb740e31d1808be3da05a0c4049e_s390x",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:4b746a01c9dbd0c5ad07f085aa8236bbc93d21e7f1f5b9c395b8988b7703a01a_s390x",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:50cf5bbb57c9dfa77b385132948ea68cb20212df7476c94cc7087324ecf77254_s390x",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:5b411c45dec6c058ce918ebd9c37e1b9e6fbc9d3ec619b67cbfdf9c70d7033e5_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:5e98ecd8212d3ec46e2ae13e51e6c7f181718b0332a54351a229bcea4ddc63fe_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:6afae7906f7baccb28359493e832265d3f24f67fd4144246ddaf6e704512a8c2_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:9313194b84341535a96f02257389a759c8c31f2f3922f44c5c373380901d9432_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:9a792b2313c66057a1955809a845ff7fd6cbf5b8530d1b16e66c19843bf09fa3_arm64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:b53ca6d71a7c8cc6ab889cc834d4cb5b3550545ef90c2a35b182eda11e4fab47_arm64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:bf21c17ba56785bd920f3e4ec869a790d12ca9876b70dcb2be6a3f5cbfda2966_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:db222c5e5b1e8783a14fe65d7cc11bb6222da908a41b193cc6949fec7e0ec6c0_ppc64le",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:db244d6b4f06ae97b9b15fe3071b7aab85daef71e5e92dc9d6459ce9903a37d2_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:e45a1b593ec7ae0808cc3d249696b5a5e16382dcd4294a6d969000c49848f34c_ppc64le",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel9@sha256:006df4661ba4abe1c9166a696d5aed80ad2958b4fc0b675f13228c801585fe8d_amd64",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel9@sha256:017b6d52de4f1a8e7574b86d5fda0671ed2b784be3cf6fc683348df1167d2af3_arm64",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel9@sha256:1a8167f204602e8d31c4ff9a813a07840c72843dd7afa91dd52d511064550065_ppc64le",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel9@sha256:99e6443f9aacceff0df4131349e3fe89ece17a5ed1507bc1c74b9692d2853624_s390x",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:13f3527db21116ccabc95a90487a711208613991a5f2877ef0e24ef14d53542c_arm64",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:20b097862352178edce5ae8684e2ee441e8abdccdfe70aea26bc99b4817338bc_ppc64le",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:2e22d4c6a5cf8b66f4f2d55f8237f050b6611be0ab81dcf8de6bd4ed1af2882d_ppc64le",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:2f763263c5252579c4106b6e8e7f030e092df6a24a4270c00084dd25939b3a04_s390x",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:338dd71e8f2e5025e73e14ff97a936a9d74893add9358beb0497c7d041132352_ppc64le",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:5fe58177f6c0ae204c3943c34febfaa41cd553819beee08543e30c922835cbbc_amd64",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:6b522fdad0e2d3f6cc838f5dcf8ba4534c3e0037da3cb8e7886d63724f5b5b2a_arm64",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:8270a2afb90b991005c830c5fa989a260c0e313d6cb6eaa40ab3f2e8b7df6072_amd64",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:8afa6b37476e2bba2a00b61ba9a48da9cc1f22e7f182c5080bc873eaaa84b537_amd64",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:a3d23adb3b0c643fa16b91e71cc313c3908fff4ebf317568895b204b9416351f_s390x",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:a64195114c059e7f49dbb19fc08eb9fe4e92e63d4e2f99e54fb83eac9860cc0f_s390x",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:ae770ba7ca5e0d9789fc85370fb887df5102542ee6463ab36a413b37e383cf0d_amd64",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:c1e98be6cbae19587bc52539765b009809084eba765f364a236e890f48bd0049_arm64",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:c417b7b9097a7edaff2903769bff9ec275719f22acd1dfe0e812c26ae32a43f2_s390x",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:e313d9431a3a8b623fc928e1f12a445a00c334331841a210b6dc012e0fab108a_ppc64le",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:e97739f926c4fbf50b600b72d0e60964e18a79f0f12f40dd4f7752bfc580ab41_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:06bccba7cd23ceff5c03ea32d80099cd2a3ce68b9c03435936cb4d6cfff4974c_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:68a5232ec36bcd98049ca3d42fedf1a3c15667f260712c6e3e5b90c1877ebbce_ppc64le",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:6b077737281691a1bfc90d1ae33fc30ce09a7c34240c1816aa2e678c0c0a91fa_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:a1988ba5bf65e42ac732e71b154323bf8df5fd25ce5a50b9dbaa1be370af62bb_arm64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel8@sha256:d57bb670a115de96285e065ba0a4f2b67f752e8eec57e9b2f6371fbe3478972c_s390x",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-29-rhel8@sha256:03a835f116a9636bb4a03884b8686f6aa82a03374aa431ca02350dcbf40f5898_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:0a650301785be46f119a2080e7a09fefef893f611804a01b1304a28d98780fe0_ppc64le",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:0b6a08e245cc02b03f5ae0b6fb74ac8f9738c437b4de3fa9a2b3225a2e914fda_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:0d26e5c3dfdddecd1fef6ed915b59e7f1269c199563d46c1f3dead813ec42499_arm64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:2946109032d00b8756175affc50fed01cc0bbcbc927a3fd2d5d846f825429b72_ppc64le",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:39169c112d66b9e7e9438c5246d1b25b8cf894aafc2880923472ad5c24b5d546_s390x",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:3d39702e054b2fb712ace5cbc53d8b1619810240971e8046f5d0954e67c32880_arm64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:44aae8b7c5fc7d0774962084a2943f567fbfdb740e31d1808be3da05a0c4049e_s390x",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:4b746a01c9dbd0c5ad07f085aa8236bbc93d21e7f1f5b9c395b8988b7703a01a_s390x",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:50cf5bbb57c9dfa77b385132948ea68cb20212df7476c94cc7087324ecf77254_s390x",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:5b411c45dec6c058ce918ebd9c37e1b9e6fbc9d3ec619b67cbfdf9c70d7033e5_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:5e98ecd8212d3ec46e2ae13e51e6c7f181718b0332a54351a229bcea4ddc63fe_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:6afae7906f7baccb28359493e832265d3f24f67fd4144246ddaf6e704512a8c2_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:9313194b84341535a96f02257389a759c8c31f2f3922f44c5c373380901d9432_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:9a792b2313c66057a1955809a845ff7fd6cbf5b8530d1b16e66c19843bf09fa3_arm64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:b53ca6d71a7c8cc6ab889cc834d4cb5b3550545ef90c2a35b182eda11e4fab47_arm64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:bf21c17ba56785bd920f3e4ec869a790d12ca9876b70dcb2be6a3f5cbfda2966_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:db222c5e5b1e8783a14fe65d7cc11bb6222da908a41b193cc6949fec7e0ec6c0_ppc64le",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:db244d6b4f06ae97b9b15fe3071b7aab85daef71e5e92dc9d6459ce9903a37d2_amd64",
            "8Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel8@sha256:e45a1b593ec7ae0808cc3d249696b5a5e16382dcd4294a6d969000c49848f34c_ppc64le",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel9@sha256:006df4661ba4abe1c9166a696d5aed80ad2958b4fc0b675f13228c801585fe8d_amd64",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel9@sha256:017b6d52de4f1a8e7574b86d5fda0671ed2b784be3cf6fc683348df1167d2af3_arm64",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel9@sha256:1a8167f204602e8d31c4ff9a813a07840c72843dd7afa91dd52d511064550065_ppc64le",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ansible-builder-rhel9@sha256:99e6443f9aacceff0df4131349e3fe89ece17a5ed1507bc1c74b9692d2853624_s390x",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:13f3527db21116ccabc95a90487a711208613991a5f2877ef0e24ef14d53542c_arm64",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:20b097862352178edce5ae8684e2ee441e8abdccdfe70aea26bc99b4817338bc_ppc64le",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:2e22d4c6a5cf8b66f4f2d55f8237f050b6611be0ab81dcf8de6bd4ed1af2882d_ppc64le",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:2f763263c5252579c4106b6e8e7f030e092df6a24a4270c00084dd25939b3a04_s390x",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:338dd71e8f2e5025e73e14ff97a936a9d74893add9358beb0497c7d041132352_ppc64le",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:5fe58177f6c0ae204c3943c34febfaa41cd553819beee08543e30c922835cbbc_amd64",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:6b522fdad0e2d3f6cc838f5dcf8ba4534c3e0037da3cb8e7886d63724f5b5b2a_arm64",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:8270a2afb90b991005c830c5fa989a260c0e313d6cb6eaa40ab3f2e8b7df6072_amd64",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:8afa6b37476e2bba2a00b61ba9a48da9cc1f22e7f182c5080bc873eaaa84b537_amd64",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:a3d23adb3b0c643fa16b91e71cc313c3908fff4ebf317568895b204b9416351f_s390x",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:a64195114c059e7f49dbb19fc08eb9fe4e92e63d4e2f99e54fb83eac9860cc0f_s390x",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:ae770ba7ca5e0d9789fc85370fb887df5102542ee6463ab36a413b37e383cf0d_amd64",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:c1e98be6cbae19587bc52539765b009809084eba765f364a236e890f48bd0049_arm64",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:c417b7b9097a7edaff2903769bff9ec275719f22acd1dfe0e812c26ae32a43f2_s390x",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:e313d9431a3a8b623fc928e1f12a445a00c334331841a210b6dc012e0fab108a_ppc64le",
            "9Base-ansible-automation-platform-ee:ansible-automation-platform/ee-minimal-rhel9@sha256:e97739f926c4fbf50b600b72d0e60964e18a79f0f12f40dd4f7752bfc580ab41_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "ansible-core: Unsafe Tagging Bypass via hostvars Object in Ansible-Core"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-11079 (GCVE-0-2024-11079)

Solutions

Tags

Sightings

Nomenclature