Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-11483
Vulnerability from cvelistv5
Published
2024-11-25 03:54
Modified
2024-12-18 03:58
Severity ?
EPSS score ?
Summary
A vulnerability was found in the Ansible Automation Platform (AAP). This flaw allows attackers to escalate privileges by improperly leveraging read-scoped OAuth2 tokens to gain write access. This issue affects API endpoints that rely on ansible_base.oauth2_provider for OAuth2 authentication. While the impact is limited to actions within the user’s assigned permissions, it undermines scoped access controls, potentially allowing unintended modifications in the application and consuming services.
References
Impacted products
| Vendor | Product | Version | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ |
Version: 0 ≤ v2024.10.17 |
||||||||||
|
|||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11483",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-25T17:15:47.886009Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-25T17:15:57.221Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/ansible/django-ansible-base",
"defaultStatus": "unaffected",
"packageName": "django-ansible-base",
"versions": [
{
"lessThanOrEqual": "v2024.10.17",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8",
"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9",
"cpe:/a:redhat:ansible_automation_platform:2.5::el8",
"cpe:/a:redhat:ansible_automation_platform:2.5::el9",
"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8"
],
"defaultStatus": "affected",
"packageName": "automation-gateway",
"product": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.5.20241218-1.el8ap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8",
"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9",
"cpe:/a:redhat:ansible_automation_platform:2.5::el8",
"cpe:/a:redhat:ansible_automation_platform:2.5::el9",
"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8"
],
"defaultStatus": "affected",
"packageName": "automation-gateway",
"product": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.5.20241218-1.el9ap",
"versionType": "rpm"
}
]
}
],
"datePublic": "2024-11-20T00:00:00+00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in the Ansible Automation Platform (AAP). This flaw allows attackers to escalate privileges by improperly leveraging read-scoped OAuth2 tokens to gain write access. This issue affects API endpoints that rely on ansible_base.oauth2_provider for OAuth2 authentication. While the impact is limited to actions within the user\u2019s assigned permissions, it undermines scoped access controls, potentially allowing unintended modifications in the application and consuming services."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-18T03:58:12.673Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2024:11145",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:11145"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-11483"
},
{
"name": "RHBZ#2327579",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2327579"
},
{
"url": "https://github.com/ansible/django-ansible-base/commit/845b3e1838cc0762a7f9f3e0379c5274519d9a44"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-11-20T08:03:10.145000+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-11-20T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Automation-gateway: improper scope handling in oauth2 tokens for aap 2.5",
"x_redhatCweChain": "CWE-284: Improper Access Control"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-11483",
"datePublished": "2024-11-25T03:54:34.342Z",
"dateReserved": "2024-11-20T08:09:27.275Z",
"dateUpdated": "2024-12-18T03:58:12.673Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-11483\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2024-11-25T04:15:03.683\",\"lastModified\":\"2024-12-18T04:15:07.210\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability was found in the Ansible Automation Platform (AAP). This flaw allows attackers to escalate privileges by improperly leveraging read-scoped OAuth2 tokens to gain write access. This issue affects API endpoints that rely on ansible_base.oauth2_provider for OAuth2 authentication. While the impact is limited to actions within the user\u2019s assigned permissions, it undermines scoped access controls, potentially allowing unintended modifications in the application and consuming services.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una vulnerabilidad en Ansible Automation Platform (AAP). Esta falla permite a los atacantes escalar privilegios al aprovechar de forma indebida los tokens OAuth2 con alcance de lectura para obtener acceso de escritura. Este problema afecta a los endpoints de API que dependen de ansible_base.oauth2_provider para la autenticaci\u00f3n OAuth2. Si bien el impacto se limita a las acciones dentro de los permisos asignados al usuario, debilita los controles de acceso con alcance, lo que potencialmente permite modificaciones no deseadas en la aplicaci\u00f3n y el consumo de servicios.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N\",\"baseScore\":5.0,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.1,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2024:11145\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2024-11483\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2327579\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://github.com/ansible/django-ansible-base/commit/845b3e1838cc0762a7f9f3e0379c5274519d9a44\",\"source\":\"secalert@redhat.com\"}]}}"
}
}
ghsa-q73v-w388-wp95
Vulnerability from github
Published
2024-11-25 06:34
Modified
2024-12-18 06:30
Severity ?
Details
A vulnerability was found in the Ansible Automation Platform (AAP). This flaw allows attackers to escalate privileges by improperly leveraging read-scoped OAuth2 tokens to gain write access. This issue affects API endpoints that rely on ansible_base.oauth2_provider for OAuth2 authentication. While the impact is limited to actions within the user’s assigned permissions, it undermines scoped access controls, potentially allowing unintended modifications in the application and consuming services.
{
"affected": [],
"aliases": [
"CVE-2024-11483"
],
"database_specific": {
"cwe_ids": [
"CWE-284"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-25T04:15:03Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in the Ansible Automation Platform (AAP). This flaw allows attackers to escalate privileges by improperly leveraging read-scoped OAuth2 tokens to gain write access. This issue affects API endpoints that rely on ansible_base.oauth2_provider for OAuth2 authentication. While the impact is limited to actions within the user\u2019s assigned permissions, it undermines scoped access controls, potentially allowing unintended modifications in the application and consuming services.",
"id": "GHSA-q73v-w388-wp95",
"modified": "2024-12-18T06:30:48Z",
"published": "2024-11-25T06:34:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11483"
},
{
"type": "WEB",
"url": "https://github.com/ansible/django-ansible-base/commit/845b3e1838cc0762a7f9f3e0379c5274519d9a44"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:11145"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2024-11483"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2327579"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
rhsa-2024_11145
Vulnerability from csaf_redhat
Published
2024-12-16 18:56
Modified
2024-12-18 05:22
Summary
Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update
Notes
Topic
An update is now available for Red Hat Ansible Automation Platform 2.5
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.
Security Fix(es):
* ansible-core: Unsafe Tagging Bypass via hostvars Object in Ansible-Core (CVE-2024-11079)
* automation-gateway: Improper Scope Handling in OAuth2 Tokens for AAP 2.5 (CVE-2024-11483)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
Updates and fixes included:
Automation Platform UI
* Added support for filtering job templates, jobs, and inventories by labels (AAP-36540)
* Fixed an issue where it was not possible to open a job template after removing the user which created the template (AAP-35820)
* Fixed an issue where the inventory source update failed, and did not allow selection of the inventory file (AAP-35246)
* Fixed an issue where the Login Redirect Override setting was missing and not functioning as expected (AAP-33295)
* Disabled auto complete for secret credential fields (AAP-33188)
* Fixed an issue where users were able to select a credential that required a password when defining a schedule (AAP-32821)
* Fixed the navigation Team -> roles -> eda to the created team role page, where it did not work after adding a new team role.(AAP-31873)
* When configuring an Ansible Remote to sync collections from other servers, a requirements file is only required for syncs from Galaxy, and optional otherwise. Without a requirements file, all collections get synced (AAP-31238)
* Fixed an issue where the job output did not show unless you switched tabs (AAP-31125)
* Fixed an issue where the bulk removal of selected role permissions disappeared when more than 4 permissions were selected (AAP-28030)
Event-Driven Ansible
* Fixed an issue where the project sync would not fail on an empty or unstructured git repository (AAP-35777)
* Fixed an issue in the collection where the activation module failed with a misleading error message if the rulebook, project, decision environment, or organization could not be found (AAP-35360)
* Fixed an issue where rulebook validation import/sync fails when a rulebook has a duplicated rule name (AAP-35164)
* Added validation that a host specified as part of a container registry credential conforms to container registry standards (AAP-34969)
* Fixed an issue where the Event Driven Ansible API allowed a credential’s type to be changed (AAP-34968)
* Fixed an issue where a previously failed project could be accidentally changed to completed after a resync (AAP-34744)
* Fixed an issue where no message was recorded when a project did not contain any rulebooks (AAP-34555)
* Fixed an issue whereby multiple Red Hat Ansible Automation Platform credentials were being attached to activations (AAP-34025)
* Fixed an issue where the url field of the event stream was not updated if EDA_EVENT_STREAM_BASE_URL setting changed (AAP-33819)
* Extended the scope of the log_level and debug settings (AAP-33669)
* Fixed an issue where there was an erroneous dependency on the existence of an organization named Default (AAP-33551)
* A project can now be synced with the Event Driven Ansible collection modules (AAP-32264)
* Fixed an issue where occasionally an activation is reported as running, before it is ready to receive events (AAP-31225)
* Fixed an issue where Enabled options had its own scrollbar on the Rulebook Activation Details page (AAP-31130)
* Added 'purge_log_records' to aap-eda-manage to clean up outdated database records (AAP-30684)
* Fixed an issue where the status of an activation was occasionally inconsistent with the status of the latest instance after a restart (AAP-29755)
* Fixed an issue where the user could not edit auto-generated injector vars while creating Event Driven Ansible custom credentials (AAP-29752)
* Fixed an issue where importing a project from a non-existing branch resulted in the completed state instead of a Failed status (AAP-29144)
* Fixed an issue where in some cases the file_watch source plugin in an Event Driven Ansible collection raised the QueueFull exception (AAP-29139)
* In the Rulebook activation create form, selecting a project is now required before selecting a rulebook (AAP-28082)
* The Create Credentials button is now visible irrespective of whether there are any existing credentials or not (AAP-23707)
* automation-eda-controller has been updated to 1.1.3
* ansible-rulebook has been updated to 1.1.2
Container-based Ansible Automation Platform
* Fixed an issue that allowed Automation controller nodes to override the receptor_peers variable (AAP-37085)
* Fixed an issue where the containerized installer ignored receptor_type for automation controller hosts and always installed them as hybrid (AAP-37012)
* Fixed an issue where Podman was not present in the task container, and the cleanup image task failed (AAP-37011)
* Fixed an issue where receptor_type and receptor_protocol variables validation checks were skipped during the preflight role execution (AAP-36857)
* Fixed an issue where only one Automation controller node was configured with Execution/Hop node peers rather than all Automation controller nodes (AAP-36851)
* Fixed an issue when the Automation Controller services loose connection to the database then containers are stopped and never started back automatically (AAP-36850)
* containerized installer setup has been updated to 2.5-7
Additional changes:
* Added help text to all missing fields in AAP API gateway and django-ansible-base (AAP-37068)
* Consistently formatted sentence structure for help_text, and provided more context in the help text where it was vagueConsistently formatted sentence structure for help_text, and provided more context in the help text where it was vague (AAP-37016)
* Fixed an issue where migration was missing (AAP-37015)
* Fixed an issue where django-ansible-base fallback cache kept creating a tmp file even if the LOCATION was set to another path (AAP-36869)
* Fixed an issue where the OIDC authenticator was not allowed to use the JSON key to extract user groups, or for a user to be modified via the new GROUPS_CLAIM configuration setting (AAP-36716)
* Fixed an issue where the gateway oauth token was not encrypted at rest (AAP-36715)
* Added more user input validation around http_ports in gateway (AAP-36714)
* Fixed an issue where the Gateway did not properly interpret SAML attributes for mappings (AAP-36713)
* Added setting 'trusted_header_timeout_in_ns' to timegate X_TRUSTED_PROXY_HEADER validation in djanbo-ansible-base libraries (AAP-36712)
* Added dynamic preferences for usage by automation analytics (AAP-36710)
* Added an 'enabled' flag for turning authenticator maps on or off (AAP-36709)
* Allow non-self-signed certificate+key pairs to be used in SAML authenticator configurations (AAP-36707)
* Make login page redirect to /api/gateway/v1 if already logged in (AAP-36638)
* aap-metrics-utility has been updated to 0.4.1 (AAP-36393)
* ansible-core has been updated to 2.16.14
* automation-gateway has been updated to 2.5.20241218
* python3.11-django-ansible-base has been updated to 2.5.20241218
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Ansible Automation Platform 2.5\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.\n\nSecurity Fix(es):\n\n* ansible-core: Unsafe Tagging Bypass via hostvars Object in Ansible-Core (CVE-2024-11079)\n* automation-gateway: Improper Scope Handling in OAuth2 Tokens for AAP 2.5 (CVE-2024-11483)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nUpdates and fixes included:\n\nAutomation Platform UI\n* Added support for filtering job templates, jobs, and inventories by labels (AAP-36540)\n* Fixed an issue where it was not possible to open a job template after removing the user which created the template (AAP-35820)\n* Fixed an issue where the inventory source update failed, and did not allow selection of the inventory file (AAP-35246)\n* Fixed an issue where the Login Redirect Override setting was missing and not functioning as expected (AAP-33295)\n* Disabled auto complete for secret credential fields (AAP-33188)\n* Fixed an issue where users were able to select a credential that required a password when defining a schedule (AAP-32821)\n* Fixed the navigation Team -\u003e roles -\u003e eda to the created team role page, where it did not work after adding a new team role.(AAP-31873)\n* When configuring an Ansible Remote to sync collections from other servers, a requirements file is only required for syncs from Galaxy, and optional otherwise. Without a requirements file, all collections get synced (AAP-31238)\n* Fixed an issue where the job output did not show unless you switched tabs (AAP-31125)\n* Fixed an issue where the bulk removal of selected role permissions disappeared when more than 4 permissions were selected (AAP-28030)\n\nEvent-Driven Ansible\n* Fixed an issue where the project sync would not fail on an empty or unstructured git repository (AAP-35777)\n* Fixed an issue in the collection where the activation module failed with a misleading error message if the rulebook, project, decision environment, or organization could not be found (AAP-35360)\n* Fixed an issue where rulebook validation import/sync fails when a rulebook has a duplicated rule name (AAP-35164)\n* Added validation that a host specified as part of a container registry credential conforms to container registry standards (AAP-34969)\n* Fixed an issue where the Event Driven Ansible API allowed a credential\u2019s type to be changed (AAP-34968)\n* Fixed an issue where a previously failed project could be accidentally changed to completed after a resync (AAP-34744)\n* Fixed an issue where no message was recorded when a project did not contain any rulebooks (AAP-34555)\n* Fixed an issue whereby multiple Red Hat Ansible Automation Platform credentials were being attached to activations (AAP-34025)\n* Fixed an issue where the url field of the event stream was not updated if EDA_EVENT_STREAM_BASE_URL setting changed (AAP-33819)\n* Extended the scope of the log_level and debug settings (AAP-33669)\n* Fixed an issue where there was an erroneous dependency on the existence of an organization named Default (AAP-33551)\n* A project can now be synced with the Event Driven Ansible collection modules (AAP-32264)\n* Fixed an issue where occasionally an activation is reported as running, before it is ready to receive events (AAP-31225)\n* Fixed an issue where Enabled options had its own scrollbar on the Rulebook Activation Details page (AAP-31130)\n* Added \u0027purge_log_records\u0027 to aap-eda-manage to clean up outdated database records (AAP-30684)\n* Fixed an issue where the status of an activation was occasionally inconsistent with the status of the latest instance after a restart (AAP-29755)\n* Fixed an issue where the user could not edit auto-generated injector vars while creating Event Driven Ansible custom credentials (AAP-29752)\n* Fixed an issue where importing a project from a non-existing branch resulted in the completed state instead of a Failed status (AAP-29144)\n* Fixed an issue where in some cases the file_watch source plugin in an Event Driven Ansible collection raised the QueueFull exception (AAP-29139)\n* In the Rulebook activation create form, selecting a project is now required before selecting a rulebook (AAP-28082)\n* The Create Credentials button is now visible irrespective of whether there are any existing credentials or not (AAP-23707)\n* automation-eda-controller has been updated to 1.1.3\n* ansible-rulebook has been updated to 1.1.2\n\nContainer-based Ansible Automation Platform\n* Fixed an issue that allowed Automation controller nodes to override the receptor_peers variable (AAP-37085)\n* Fixed an issue where the containerized installer ignored receptor_type for automation controller hosts and always installed them as hybrid (AAP-37012)\n* Fixed an issue where Podman was not present in the task container, and the cleanup image task failed (AAP-37011)\n* Fixed an issue where receptor_type and receptor_protocol variables validation checks were skipped during the preflight role execution (AAP-36857)\n* Fixed an issue where only one Automation controller node was configured with Execution/Hop node peers rather than all Automation controller nodes (AAP-36851)\n* Fixed an issue when the Automation Controller services loose connection to the database then containers are stopped and never started back automatically (AAP-36850)\n* containerized installer setup has been updated to 2.5-7\n\nAdditional changes:\n* Added help text to all missing fields in AAP API gateway and django-ansible-base (AAP-37068)\n* Consistently formatted sentence structure for help_text, and provided more context in the help text where it was vagueConsistently formatted sentence structure for help_text, and provided more context in the help text where it was vague (AAP-37016)\n* Fixed an issue where migration was missing (AAP-37015)\n* Fixed an issue where django-ansible-base fallback cache kept creating a tmp file even if the LOCATION was set to another path (AAP-36869)\n* Fixed an issue where the OIDC authenticator was not allowed to use the JSON key to extract user groups, or for a user to be modified via the new GROUPS_CLAIM configuration setting (AAP-36716)\n* Fixed an issue where the gateway oauth token was not encrypted at rest (AAP-36715)\n* Added more user input validation around http_ports in gateway (AAP-36714)\n* Fixed an issue where the Gateway did not properly interpret SAML attributes for mappings (AAP-36713)\n* Added setting \u0027trusted_header_timeout_in_ns\u0027 to timegate X_TRUSTED_PROXY_HEADER validation in djanbo-ansible-base libraries (AAP-36712)\n* Added dynamic preferences for usage by automation analytics (AAP-36710)\n* Added an \u0027enabled\u0027 flag for turning authenticator maps on or off (AAP-36709)\n* Allow non-self-signed certificate+key pairs to be used in SAML authenticator configurations (AAP-36707)\n* Make login page redirect to /api/gateway/v1 if already logged in (AAP-36638)\n* aap-metrics-utility has been updated to 0.4.1 (AAP-36393)\n* ansible-core has been updated to 2.16.14\n* automation-gateway has been updated to 2.5.20241218\n* python3.11-django-ansible-base has been updated to 2.5.20241218",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:11145",
"url": "https://access.redhat.com/errata/RHSA-2024:11145"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2325171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325171"
},
{
"category": "external",
"summary": "2327579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2327579"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_11145.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update",
"tracking": {
"current_release_date": "2024-12-18T05:22:20+00:00",
"generator": {
"date": "2024-12-18T05:22:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:11145",
"initial_release_date": "2024-12-16T18:56:50+00:00",
"revision_history": [
{
"date": "2024-12-16T18:56:50+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-12-16T18:56:50+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T05:22:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product": {
"name": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform:2.5::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product": {
"name": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5-Inside-1.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product": {
"name": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product": {
"name": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform:2.5::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product": {
"name": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5-Inside-1.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product": {
"name": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Ansible Automation Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "aap-metrics-utility-0:0.4.1-2.el8ap.src",
"product": {
"name": "aap-metrics-utility-0:0.4.1-2.el8ap.src",
"product_id": "aap-metrics-utility-0:0.4.1-2.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/aap-metrics-utility@0.4.1-2.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "ansible-rulebook-0:1.1.2-1.el8ap.src",
"product": {
"name": "ansible-rulebook-0:1.1.2-1.el8ap.src",
"product_id": "ansible-rulebook-0:1.1.2-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-rulebook@1.1.2-1.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "ansible-core-1:2.16.14-1.el8ap.src",
"product": {
"name": "ansible-core-1:2.16.14-1.el8ap.src",
"product_id": "ansible-core-1:2.16.14-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-core@2.16.14-1.el8ap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "automation-gateway-0:2.5.20241218-1.el8ap.src",
"product": {
"name": "automation-gateway-0:2.5.20241218-1.el8ap.src",
"product_id": "automation-gateway-0:2.5.20241218-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-gateway@2.5.20241218-1.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-ansible-base-0:2.5.20241218-1.el8ap.src",
"product": {
"name": "python3.11-django-ansible-base-0:2.5.20241218-1.el8ap.src",
"product_id": "python3.11-django-ansible-base-0:2.5.20241218-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django-ansible-base@2.5.20241218-1.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "automation-eda-controller-0:1.1.3-1.el8ap.src",
"product": {
"name": "automation-eda-controller-0:1.1.3-1.el8ap.src",
"product_id": "automation-eda-controller-0:1.1.3-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-eda-controller@1.1.3-1.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3.11-validators-0:0.34.0-1.el8ap.src",
"product": {
"name": "python3.11-validators-0:0.34.0-1.el8ap.src",
"product_id": "python3.11-validators-0:0.34.0-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-validators@0.34.0-1.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-flags-0:5.0.13-1.el8ap.src",
"product": {
"name": "python3.11-django-flags-0:5.0.13-1.el8ap.src",
"product_id": "python3.11-django-flags-0:5.0.13-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django-flags@5.0.13-1.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "automation-eda-controller-0:1.1.3-1.el9ap.src",
"product": {
"name": "automation-eda-controller-0:1.1.3-1.el9ap.src",
"product_id": "automation-eda-controller-0:1.1.3-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-eda-controller@1.1.3-1.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "aap-metrics-utility-0:0.4.1-2.el9ap.src",
"product": {
"name": "aap-metrics-utility-0:0.4.1-2.el9ap.src",
"product_id": "aap-metrics-utility-0:0.4.1-2.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/aap-metrics-utility@0.4.1-2.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "ansible-core-1:2.16.14-1.el9ap.src",
"product": {
"name": "ansible-core-1:2.16.14-1.el9ap.src",
"product_id": "ansible-core-1:2.16.14-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-core@2.16.14-1.el9ap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "automation-gateway-0:2.5.20241218-1.el9ap.src",
"product": {
"name": "automation-gateway-0:2.5.20241218-1.el9ap.src",
"product_id": "automation-gateway-0:2.5.20241218-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-gateway@2.5.20241218-1.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "ansible-rulebook-0:1.1.2-1.el9ap.src",
"product": {
"name": "ansible-rulebook-0:1.1.2-1.el9ap.src",
"product_id": "ansible-rulebook-0:1.1.2-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-rulebook@1.1.2-1.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-ansible-base-0:2.5.20241218-1.el9ap.src",
"product": {
"name": "python3.11-django-ansible-base-0:2.5.20241218-1.el9ap.src",
"product_id": "python3.11-django-ansible-base-0:2.5.20241218-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django-ansible-base@2.5.20241218-1.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3.11-validators-0:0.34.0-1.el9ap.src",
"product": {
"name": "python3.11-validators-0:0.34.0-1.el9ap.src",
"product_id": "python3.11-validators-0:0.34.0-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-validators@0.34.0-1.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-flags-0:5.0.13-1.el9ap.src",
"product": {
"name": "python3.11-django-flags-0:5.0.13-1.el9ap.src",
"product_id": "python3.11-django-flags-0:5.0.13-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django-flags@5.0.13-1.el9ap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "aap-metrics-utility-0:0.4.1-2.el8ap.x86_64",
"product": {
"name": "aap-metrics-utility-0:0.4.1-2.el8ap.x86_64",
"product_id": "aap-metrics-utility-0:0.4.1-2.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/aap-metrics-utility@0.4.1-2.el8ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "aap-metrics-utility-0:0.4.1-2.el9ap.x86_64",
"product": {
"name": "aap-metrics-utility-0:0.4.1-2.el9ap.x86_64",
"product_id": "aap-metrics-utility-0:0.4.1-2.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/aap-metrics-utility@0.4.1-2.el9ap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "aap-metrics-utility-0:0.4.1-2.el8ap.ppc64le",
"product": {
"name": "aap-metrics-utility-0:0.4.1-2.el8ap.ppc64le",
"product_id": "aap-metrics-utility-0:0.4.1-2.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/aap-metrics-utility@0.4.1-2.el8ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "aap-metrics-utility-0:0.4.1-2.el9ap.ppc64le",
"product": {
"name": "aap-metrics-utility-0:0.4.1-2.el9ap.ppc64le",
"product_id": "aap-metrics-utility-0:0.4.1-2.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/aap-metrics-utility@0.4.1-2.el9ap?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "aap-metrics-utility-0:0.4.1-2.el8ap.s390x",
"product": {
"name": "aap-metrics-utility-0:0.4.1-2.el8ap.s390x",
"product_id": "aap-metrics-utility-0:0.4.1-2.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/aap-metrics-utility@0.4.1-2.el8ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "aap-metrics-utility-0:0.4.1-2.el9ap.s390x",
"product": {
"name": "aap-metrics-utility-0:0.4.1-2.el9ap.s390x",
"product_id": "aap-metrics-utility-0:0.4.1-2.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/aap-metrics-utility@0.4.1-2.el9ap?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "aap-metrics-utility-0:0.4.1-2.el8ap.aarch64",
"product": {
"name": "aap-metrics-utility-0:0.4.1-2.el8ap.aarch64",
"product_id": "aap-metrics-utility-0:0.4.1-2.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/aap-metrics-utility@0.4.1-2.el8ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "aap-metrics-utility-0:0.4.1-2.el9ap.aarch64",
"product": {
"name": "aap-metrics-utility-0:0.4.1-2.el9ap.aarch64",
"product_id": "aap-metrics-utility-0:0.4.1-2.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/aap-metrics-utility@0.4.1-2.el9ap?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ansible-rulebook-0:1.1.2-1.el8ap.noarch",
"product": {
"name": "ansible-rulebook-0:1.1.2-1.el8ap.noarch",
"product_id": "ansible-rulebook-0:1.1.2-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-rulebook@1.1.2-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ansible-core-1:2.16.14-1.el8ap.noarch",
"product": {
"name": "ansible-core-1:2.16.14-1.el8ap.noarch",
"product_id": "ansible-core-1:2.16.14-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-core@2.16.14-1.el8ap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "ansible-test-1:2.16.14-1.el8ap.noarch",
"product": {
"name": "ansible-test-1:2.16.14-1.el8ap.noarch",
"product_id": "ansible-test-1:2.16.14-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-test@2.16.14-1.el8ap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "automation-gateway-0:2.5.20241218-1.el8ap.noarch",
"product": {
"name": "automation-gateway-0:2.5.20241218-1.el8ap.noarch",
"product_id": "automation-gateway-0:2.5.20241218-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-gateway@2.5.20241218-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-gateway-config-0:2.5.20241218-1.el8ap.noarch",
"product": {
"name": "automation-gateway-config-0:2.5.20241218-1.el8ap.noarch",
"product_id": "automation-gateway-config-0:2.5.20241218-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-gateway-config@2.5.20241218-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-gateway-server-0:2.5.20241218-1.el8ap.noarch",
"product": {
"name": "automation-gateway-server-0:2.5.20241218-1.el8ap.noarch",
"product_id": "automation-gateway-server-0:2.5.20241218-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-gateway-server@2.5.20241218-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-ansible-base+activitystream-0:2.5.20241218-1.el8ap.noarch",
"product": {
"name": "python3.11-django-ansible-base+activitystream-0:2.5.20241218-1.el8ap.noarch",
"product_id": "python3.11-django-ansible-base+activitystream-0:2.5.20241218-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django-ansible-base%2Bactivitystream@2.5.20241218-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-ansible-base+api_documentation-0:2.5.20241218-1.el8ap.noarch",
"product": {
"name": "python3.11-django-ansible-base+api_documentation-0:2.5.20241218-1.el8ap.noarch",
"product_id": "python3.11-django-ansible-base+api_documentation-0:2.5.20241218-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django-ansible-base%2Bapi_documentation@2.5.20241218-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-ansible-base+authentication-0:2.5.20241218-1.el8ap.noarch",
"product": {
"name": "python3.11-django-ansible-base+authentication-0:2.5.20241218-1.el8ap.noarch",
"product_id": "python3.11-django-ansible-base+authentication-0:2.5.20241218-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django-ansible-base%2Bauthentication@2.5.20241218-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-ansible-base+channel_auth-0:2.5.20241218-1.el8ap.noarch",
"product": {
"name": "python3.11-django-ansible-base+channel_auth-0:2.5.20241218-1.el8ap.noarch",
"product_id": "python3.11-django-ansible-base+channel_auth-0:2.5.20241218-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django-ansible-base%2Bchannel_auth@2.5.20241218-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-ansible-base+jwt_consumer-0:2.5.20241218-1.el8ap.noarch",
"product": {
"name": "python3.11-django-ansible-base+jwt_consumer-0:2.5.20241218-1.el8ap.noarch",
"product_id": "python3.11-django-ansible-base+jwt_consumer-0:2.5.20241218-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django-ansible-base%2Bjwt_consumer@2.5.20241218-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-ansible-base+oauth2_provider-0:2.5.20241218-1.el8ap.noarch",
"product": {
"name": "python3.11-django-ansible-base+oauth2_provider-0:2.5.20241218-1.el8ap.noarch",
"product_id": "python3.11-django-ansible-base+oauth2_provider-0:2.5.20241218-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django-ansible-base%2Boauth2_provider@2.5.20241218-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-ansible-base+rbac-0:2.5.20241218-1.el8ap.noarch",
"product": {
"name": "python3.11-django-ansible-base+rbac-0:2.5.20241218-1.el8ap.noarch",
"product_id": "python3.11-django-ansible-base+rbac-0:2.5.20241218-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django-ansible-base%2Brbac@2.5.20241218-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-ansible-base+redis_client-0:2.5.20241218-1.el8ap.noarch",
"product": {
"name": "python3.11-django-ansible-base+redis_client-0:2.5.20241218-1.el8ap.noarch",
"product_id": "python3.11-django-ansible-base+redis_client-0:2.5.20241218-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django-ansible-base%2Bredis_client@2.5.20241218-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-ansible-base+rest_filters-0:2.5.20241218-1.el8ap.noarch",
"product": {
"name": "python3.11-django-ansible-base+rest_filters-0:2.5.20241218-1.el8ap.noarch",
"product_id": "python3.11-django-ansible-base+rest_filters-0:2.5.20241218-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django-ansible-base%2Brest_filters@2.5.20241218-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-ansible-base-0:2.5.20241218-1.el8ap.noarch",
"product": {
"name": "python3.11-django-ansible-base-0:2.5.20241218-1.el8ap.noarch",
"product_id": "python3.11-django-ansible-base-0:2.5.20241218-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django-ansible-base@2.5.20241218-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-eda-controller-0:1.1.3-1.el8ap.noarch",
"product": {
"name": "automation-eda-controller-0:1.1.3-1.el8ap.noarch",
"product_id": "automation-eda-controller-0:1.1.3-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-eda-controller@1.1.3-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-eda-controller-base-0:1.1.3-1.el8ap.noarch",
"product": {
"name": "automation-eda-controller-base-0:1.1.3-1.el8ap.noarch",
"product_id": "automation-eda-controller-base-0:1.1.3-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-eda-controller-base@1.1.3-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-eda-controller-base-services-0:1.1.3-1.el8ap.noarch",
"product": {
"name": "automation-eda-controller-base-services-0:1.1.3-1.el8ap.noarch",
"product_id": "automation-eda-controller-base-services-0:1.1.3-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-eda-controller-base-services@1.1.3-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-eda-controller-event-stream-services-0:1.1.3-1.el8ap.noarch",
"product": {
"name": "automation-eda-controller-event-stream-services-0:1.1.3-1.el8ap.noarch",
"product_id": "automation-eda-controller-event-stream-services-0:1.1.3-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-eda-controller-event-stream-services@1.1.3-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-eda-controller-worker-services-0:1.1.3-1.el8ap.noarch",
"product": {
"name": "automation-eda-controller-worker-services-0:1.1.3-1.el8ap.noarch",
"product_id": "automation-eda-controller-worker-services-0:1.1.3-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-eda-controller-worker-services@1.1.3-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-validators-0:0.34.0-1.el8ap.noarch",
"product": {
"name": "python3.11-validators-0:0.34.0-1.el8ap.noarch",
"product_id": "python3.11-validators-0:0.34.0-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-validators@0.34.0-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-flags-0:5.0.13-1.el8ap.noarch",
"product": {
"name": "python3.11-django-flags-0:5.0.13-1.el8ap.noarch",
"product_id": "python3.11-django-flags-0:5.0.13-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django-flags@5.0.13-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-eda-controller-0:1.1.3-1.el9ap.noarch",
"product": {
"name": "automation-eda-controller-0:1.1.3-1.el9ap.noarch",
"product_id": "automation-eda-controller-0:1.1.3-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-eda-controller@1.1.3-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-eda-controller-base-0:1.1.3-1.el9ap.noarch",
"product": {
"name": "automation-eda-controller-base-0:1.1.3-1.el9ap.noarch",
"product_id": "automation-eda-controller-base-0:1.1.3-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-eda-controller-base@1.1.3-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-eda-controller-base-services-0:1.1.3-1.el9ap.noarch",
"product": {
"name": "automation-eda-controller-base-services-0:1.1.3-1.el9ap.noarch",
"product_id": "automation-eda-controller-base-services-0:1.1.3-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-eda-controller-base-services@1.1.3-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-eda-controller-event-stream-services-0:1.1.3-1.el9ap.noarch",
"product": {
"name": "automation-eda-controller-event-stream-services-0:1.1.3-1.el9ap.noarch",
"product_id": "automation-eda-controller-event-stream-services-0:1.1.3-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-eda-controller-event-stream-services@1.1.3-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-eda-controller-worker-services-0:1.1.3-1.el9ap.noarch",
"product": {
"name": "automation-eda-controller-worker-services-0:1.1.3-1.el9ap.noarch",
"product_id": "automation-eda-controller-worker-services-0:1.1.3-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-eda-controller-worker-services@1.1.3-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ansible-core-1:2.16.14-1.el9ap.noarch",
"product": {
"name": "ansible-core-1:2.16.14-1.el9ap.noarch",
"product_id": "ansible-core-1:2.16.14-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-core@2.16.14-1.el9ap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "ansible-test-1:2.16.14-1.el9ap.noarch",
"product": {
"name": "ansible-test-1:2.16.14-1.el9ap.noarch",
"product_id": "ansible-test-1:2.16.14-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-test@2.16.14-1.el9ap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "automation-gateway-0:2.5.20241218-1.el9ap.noarch",
"product": {
"name": "automation-gateway-0:2.5.20241218-1.el9ap.noarch",
"product_id": "automation-gateway-0:2.5.20241218-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-gateway@2.5.20241218-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-gateway-config-0:2.5.20241218-1.el9ap.noarch",
"product": {
"name": "automation-gateway-config-0:2.5.20241218-1.el9ap.noarch",
"product_id": "automation-gateway-config-0:2.5.20241218-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-gateway-config@2.5.20241218-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-gateway-server-0:2.5.20241218-1.el9ap.noarch",
"product": {
"name": "automation-gateway-server-0:2.5.20241218-1.el9ap.noarch",
"product_id": "automation-gateway-server-0:2.5.20241218-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-gateway-server@2.5.20241218-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ansible-rulebook-0:1.1.2-1.el9ap.noarch",
"product": {
"name": "ansible-rulebook-0:1.1.2-1.el9ap.noarch",
"product_id": "ansible-rulebook-0:1.1.2-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-rulebook@1.1.2-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-ansible-base+activitystream-0:2.5.20241218-1.el9ap.noarch",
"product": {
"name": "python3.11-django-ansible-base+activitystream-0:2.5.20241218-1.el9ap.noarch",
"product_id": "python3.11-django-ansible-base+activitystream-0:2.5.20241218-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django-ansible-base%2Bactivitystream@2.5.20241218-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-ansible-base+api_documentation-0:2.5.20241218-1.el9ap.noarch",
"product": {
"name": "python3.11-django-ansible-base+api_documentation-0:2.5.20241218-1.el9ap.noarch",
"product_id": "python3.11-django-ansible-base+api_documentation-0:2.5.20241218-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django-ansible-base%2Bapi_documentation@2.5.20241218-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-ansible-base+authentication-0:2.5.20241218-1.el9ap.noarch",
"product": {
"name": "python3.11-django-ansible-base+authentication-0:2.5.20241218-1.el9ap.noarch",
"product_id": "python3.11-django-ansible-base+authentication-0:2.5.20241218-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django-ansible-base%2Bauthentication@2.5.20241218-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-ansible-base+channel_auth-0:2.5.20241218-1.el9ap.noarch",
"product": {
"name": "python3.11-django-ansible-base+channel_auth-0:2.5.20241218-1.el9ap.noarch",
"product_id": "python3.11-django-ansible-base+channel_auth-0:2.5.20241218-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django-ansible-base%2Bchannel_auth@2.5.20241218-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-ansible-base+jwt_consumer-0:2.5.20241218-1.el9ap.noarch",
"product": {
"name": "python3.11-django-ansible-base+jwt_consumer-0:2.5.20241218-1.el9ap.noarch",
"product_id": "python3.11-django-ansible-base+jwt_consumer-0:2.5.20241218-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django-ansible-base%2Bjwt_consumer@2.5.20241218-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-ansible-base+oauth2_provider-0:2.5.20241218-1.el9ap.noarch",
"product": {
"name": "python3.11-django-ansible-base+oauth2_provider-0:2.5.20241218-1.el9ap.noarch",
"product_id": "python3.11-django-ansible-base+oauth2_provider-0:2.5.20241218-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django-ansible-base%2Boauth2_provider@2.5.20241218-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-ansible-base+rbac-0:2.5.20241218-1.el9ap.noarch",
"product": {
"name": "python3.11-django-ansible-base+rbac-0:2.5.20241218-1.el9ap.noarch",
"product_id": "python3.11-django-ansible-base+rbac-0:2.5.20241218-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django-ansible-base%2Brbac@2.5.20241218-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-ansible-base+redis_client-0:2.5.20241218-1.el9ap.noarch",
"product": {
"name": "python3.11-django-ansible-base+redis_client-0:2.5.20241218-1.el9ap.noarch",
"product_id": "python3.11-django-ansible-base+redis_client-0:2.5.20241218-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django-ansible-base%2Bredis_client@2.5.20241218-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-ansible-base+rest_filters-0:2.5.20241218-1.el9ap.noarch",
"product": {
"name": "python3.11-django-ansible-base+rest_filters-0:2.5.20241218-1.el9ap.noarch",
"product_id": "python3.11-django-ansible-base+rest_filters-0:2.5.20241218-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django-ansible-base%2Brest_filters@2.5.20241218-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-ansible-base-0:2.5.20241218-1.el9ap.noarch",
"product": {
"name": "python3.11-django-ansible-base-0:2.5.20241218-1.el9ap.noarch",
"product_id": "python3.11-django-ansible-base-0:2.5.20241218-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django-ansible-base@2.5.20241218-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-validators-0:0.34.0-1.el9ap.noarch",
"product": {
"name": "python3.11-validators-0:0.34.0-1.el9ap.noarch",
"product_id": "python3.11-validators-0:0.34.0-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-validators@0.34.0-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-flags-0:5.0.13-1.el9ap.noarch",
"product": {
"name": "python3.11-django-flags-0:5.0.13-1.el9ap.noarch",
"product_id": "python3.11-django-flags-0:5.0.13-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django-flags@5.0.13-1.el9ap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-core-1:2.16.14-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el8ap.noarch"
},
"product_reference": "ansible-core-1:2.16.14-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-core-1:2.16.14-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el8ap.src"
},
"product_reference": "ansible-core-1:2.16.14-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-test-1:2.16.14-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-test-1:2.16.14-1.el8ap.noarch"
},
"product_reference": "ansible-test-1:2.16.14-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-core-1:2.16.14-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el8ap.noarch"
},
"product_reference": "ansible-core-1:2.16.14-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5-Inside-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-core-1:2.16.14-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el8ap.src"
},
"product_reference": "ansible-core-1:2.16.14-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5-Inside-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-test-1:2.16.14-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-test-1:2.16.14-1.el8ap.noarch"
},
"product_reference": "ansible-test-1:2.16.14-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5-Inside-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aap-metrics-utility-0:0.4.1-2.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.aarch64"
},
"product_reference": "aap-metrics-utility-0:0.4.1-2.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aap-metrics-utility-0:0.4.1-2.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.ppc64le"
},
"product_reference": "aap-metrics-utility-0:0.4.1-2.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aap-metrics-utility-0:0.4.1-2.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.s390x"
},
"product_reference": "aap-metrics-utility-0:0.4.1-2.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aap-metrics-utility-0:0.4.1-2.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.src"
},
"product_reference": "aap-metrics-utility-0:0.4.1-2.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aap-metrics-utility-0:0.4.1-2.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.x86_64"
},
"product_reference": "aap-metrics-utility-0:0.4.1-2.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-core-1:2.16.14-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el8ap.noarch"
},
"product_reference": "ansible-core-1:2.16.14-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-core-1:2.16.14-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el8ap.src"
},
"product_reference": "ansible-core-1:2.16.14-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-rulebook-0:1.1.2-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el8ap.noarch"
},
"product_reference": "ansible-rulebook-0:1.1.2-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-rulebook-0:1.1.2-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el8ap.src"
},
"product_reference": "ansible-rulebook-0:1.1.2-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-test-1:2.16.14-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:ansible-test-1:2.16.14-1.el8ap.noarch"
},
"product_reference": "ansible-test-1:2.16.14-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-eda-controller-0:1.1.3-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el8ap.noarch"
},
"product_reference": "automation-eda-controller-0:1.1.3-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-eda-controller-0:1.1.3-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el8ap.src"
},
"product_reference": "automation-eda-controller-0:1.1.3-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-eda-controller-base-0:1.1.3-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.3-1.el8ap.noarch"
},
"product_reference": "automation-eda-controller-base-0:1.1.3-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-eda-controller-base-services-0:1.1.3-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.3-1.el8ap.noarch"
},
"product_reference": "automation-eda-controller-base-services-0:1.1.3-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-eda-controller-event-stream-services-0:1.1.3-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.3-1.el8ap.noarch"
},
"product_reference": "automation-eda-controller-event-stream-services-0:1.1.3-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-eda-controller-worker-services-0:1.1.3-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.3-1.el8ap.noarch"
},
"product_reference": "automation-eda-controller-worker-services-0:1.1.3-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-gateway-0:2.5.20241218-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el8ap.noarch"
},
"product_reference": "automation-gateway-0:2.5.20241218-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-gateway-0:2.5.20241218-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el8ap.src"
},
"product_reference": "automation-gateway-0:2.5.20241218-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-gateway-config-0:2.5.20241218-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:automation-gateway-config-0:2.5.20241218-1.el8ap.noarch"
},
"product_reference": "automation-gateway-config-0:2.5.20241218-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-gateway-server-0:2.5.20241218-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:automation-gateway-server-0:2.5.20241218-1.el8ap.noarch"
},
"product_reference": "automation-gateway-server-0:2.5.20241218-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-ansible-base+activitystream-0:2.5.20241218-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+activitystream-0:2.5.20241218-1.el8ap.noarch"
},
"product_reference": "python3.11-django-ansible-base+activitystream-0:2.5.20241218-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-ansible-base+api_documentation-0:2.5.20241218-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+api_documentation-0:2.5.20241218-1.el8ap.noarch"
},
"product_reference": "python3.11-django-ansible-base+api_documentation-0:2.5.20241218-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-ansible-base+authentication-0:2.5.20241218-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+authentication-0:2.5.20241218-1.el8ap.noarch"
},
"product_reference": "python3.11-django-ansible-base+authentication-0:2.5.20241218-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-ansible-base+channel_auth-0:2.5.20241218-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+channel_auth-0:2.5.20241218-1.el8ap.noarch"
},
"product_reference": "python3.11-django-ansible-base+channel_auth-0:2.5.20241218-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-ansible-base+jwt_consumer-0:2.5.20241218-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+jwt_consumer-0:2.5.20241218-1.el8ap.noarch"
},
"product_reference": "python3.11-django-ansible-base+jwt_consumer-0:2.5.20241218-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-ansible-base+oauth2_provider-0:2.5.20241218-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+oauth2_provider-0:2.5.20241218-1.el8ap.noarch"
},
"product_reference": "python3.11-django-ansible-base+oauth2_provider-0:2.5.20241218-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-ansible-base+rbac-0:2.5.20241218-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rbac-0:2.5.20241218-1.el8ap.noarch"
},
"product_reference": "python3.11-django-ansible-base+rbac-0:2.5.20241218-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-ansible-base+redis_client-0:2.5.20241218-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+redis_client-0:2.5.20241218-1.el8ap.noarch"
},
"product_reference": "python3.11-django-ansible-base+redis_client-0:2.5.20241218-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-ansible-base+rest_filters-0:2.5.20241218-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rest_filters-0:2.5.20241218-1.el8ap.noarch"
},
"product_reference": "python3.11-django-ansible-base+rest_filters-0:2.5.20241218-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-ansible-base-0:2.5.20241218-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el8ap.noarch"
},
"product_reference": "python3.11-django-ansible-base-0:2.5.20241218-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-ansible-base-0:2.5.20241218-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el8ap.src"
},
"product_reference": "python3.11-django-ansible-base-0:2.5.20241218-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-flags-0:5.0.13-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el8ap.noarch"
},
"product_reference": "python3.11-django-flags-0:5.0.13-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-flags-0:5.0.13-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el8ap.src"
},
"product_reference": "python3.11-django-flags-0:5.0.13-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-validators-0:0.34.0-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el8ap.noarch"
},
"product_reference": "python3.11-validators-0:0.34.0-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-validators-0:0.34.0-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el8ap.src"
},
"product_reference": "python3.11-validators-0:0.34.0-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-core-1:2.16.14-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el9ap.noarch"
},
"product_reference": "ansible-core-1:2.16.14-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-core-1:2.16.14-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el9ap.src"
},
"product_reference": "ansible-core-1:2.16.14-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-test-1:2.16.14-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-test-1:2.16.14-1.el9ap.noarch"
},
"product_reference": "ansible-test-1:2.16.14-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-core-1:2.16.14-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el9ap.noarch"
},
"product_reference": "ansible-core-1:2.16.14-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5-Inside-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-core-1:2.16.14-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el9ap.src"
},
"product_reference": "ansible-core-1:2.16.14-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5-Inside-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-test-1:2.16.14-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-test-1:2.16.14-1.el9ap.noarch"
},
"product_reference": "ansible-test-1:2.16.14-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5-Inside-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aap-metrics-utility-0:0.4.1-2.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.aarch64"
},
"product_reference": "aap-metrics-utility-0:0.4.1-2.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aap-metrics-utility-0:0.4.1-2.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.ppc64le"
},
"product_reference": "aap-metrics-utility-0:0.4.1-2.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aap-metrics-utility-0:0.4.1-2.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.s390x"
},
"product_reference": "aap-metrics-utility-0:0.4.1-2.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aap-metrics-utility-0:0.4.1-2.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.src"
},
"product_reference": "aap-metrics-utility-0:0.4.1-2.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "aap-metrics-utility-0:0.4.1-2.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.x86_64"
},
"product_reference": "aap-metrics-utility-0:0.4.1-2.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-core-1:2.16.14-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el9ap.noarch"
},
"product_reference": "ansible-core-1:2.16.14-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-core-1:2.16.14-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el9ap.src"
},
"product_reference": "ansible-core-1:2.16.14-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-rulebook-0:1.1.2-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el9ap.noarch"
},
"product_reference": "ansible-rulebook-0:1.1.2-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-rulebook-0:1.1.2-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el9ap.src"
},
"product_reference": "ansible-rulebook-0:1.1.2-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-test-1:2.16.14-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:ansible-test-1:2.16.14-1.el9ap.noarch"
},
"product_reference": "ansible-test-1:2.16.14-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-eda-controller-0:1.1.3-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el9ap.noarch"
},
"product_reference": "automation-eda-controller-0:1.1.3-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-eda-controller-0:1.1.3-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el9ap.src"
},
"product_reference": "automation-eda-controller-0:1.1.3-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-eda-controller-base-0:1.1.3-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.3-1.el9ap.noarch"
},
"product_reference": "automation-eda-controller-base-0:1.1.3-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-eda-controller-base-services-0:1.1.3-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.3-1.el9ap.noarch"
},
"product_reference": "automation-eda-controller-base-services-0:1.1.3-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-eda-controller-event-stream-services-0:1.1.3-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.3-1.el9ap.noarch"
},
"product_reference": "automation-eda-controller-event-stream-services-0:1.1.3-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-eda-controller-worker-services-0:1.1.3-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.3-1.el9ap.noarch"
},
"product_reference": "automation-eda-controller-worker-services-0:1.1.3-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-gateway-0:2.5.20241218-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el9ap.noarch"
},
"product_reference": "automation-gateway-0:2.5.20241218-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-gateway-0:2.5.20241218-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el9ap.src"
},
"product_reference": "automation-gateway-0:2.5.20241218-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-gateway-config-0:2.5.20241218-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:automation-gateway-config-0:2.5.20241218-1.el9ap.noarch"
},
"product_reference": "automation-gateway-config-0:2.5.20241218-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-gateway-server-0:2.5.20241218-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:automation-gateway-server-0:2.5.20241218-1.el9ap.noarch"
},
"product_reference": "automation-gateway-server-0:2.5.20241218-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-ansible-base+activitystream-0:2.5.20241218-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+activitystream-0:2.5.20241218-1.el9ap.noarch"
},
"product_reference": "python3.11-django-ansible-base+activitystream-0:2.5.20241218-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-ansible-base+api_documentation-0:2.5.20241218-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+api_documentation-0:2.5.20241218-1.el9ap.noarch"
},
"product_reference": "python3.11-django-ansible-base+api_documentation-0:2.5.20241218-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-ansible-base+authentication-0:2.5.20241218-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+authentication-0:2.5.20241218-1.el9ap.noarch"
},
"product_reference": "python3.11-django-ansible-base+authentication-0:2.5.20241218-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-ansible-base+channel_auth-0:2.5.20241218-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+channel_auth-0:2.5.20241218-1.el9ap.noarch"
},
"product_reference": "python3.11-django-ansible-base+channel_auth-0:2.5.20241218-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-ansible-base+jwt_consumer-0:2.5.20241218-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+jwt_consumer-0:2.5.20241218-1.el9ap.noarch"
},
"product_reference": "python3.11-django-ansible-base+jwt_consumer-0:2.5.20241218-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-ansible-base+oauth2_provider-0:2.5.20241218-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+oauth2_provider-0:2.5.20241218-1.el9ap.noarch"
},
"product_reference": "python3.11-django-ansible-base+oauth2_provider-0:2.5.20241218-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-ansible-base+rbac-0:2.5.20241218-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rbac-0:2.5.20241218-1.el9ap.noarch"
},
"product_reference": "python3.11-django-ansible-base+rbac-0:2.5.20241218-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-ansible-base+redis_client-0:2.5.20241218-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+redis_client-0:2.5.20241218-1.el9ap.noarch"
},
"product_reference": "python3.11-django-ansible-base+redis_client-0:2.5.20241218-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-ansible-base+rest_filters-0:2.5.20241218-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rest_filters-0:2.5.20241218-1.el9ap.noarch"
},
"product_reference": "python3.11-django-ansible-base+rest_filters-0:2.5.20241218-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-ansible-base-0:2.5.20241218-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el9ap.noarch"
},
"product_reference": "python3.11-django-ansible-base-0:2.5.20241218-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-ansible-base-0:2.5.20241218-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el9ap.src"
},
"product_reference": "python3.11-django-ansible-base-0:2.5.20241218-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-flags-0:5.0.13-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el9ap.noarch"
},
"product_reference": "python3.11-django-flags-0:5.0.13-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-flags-0:5.0.13-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el9ap.src"
},
"product_reference": "python3.11-django-flags-0:5.0.13-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-validators-0:0.34.0-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el9ap.noarch"
},
"product_reference": "python3.11-validators-0:0.34.0-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-validators-0:0.34.0-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el9ap.src"
},
"product_reference": "python3.11-validators-0:0.34.0-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-11079",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-11-11T11:43:42.603000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-test-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-test-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:ansible-test-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-config-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-server-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+activitystream-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+api_documentation-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+authentication-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+channel_auth-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+jwt_consumer-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+oauth2_provider-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rbac-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+redis_client-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rest_filters-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-test-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-test-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:ansible-test-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-config-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-server-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+activitystream-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+api_documentation-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+authentication-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+channel_auth-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+jwt_consumer-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+oauth2_provider-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rbac-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+redis_client-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rest_filters-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el9ap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2325171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playbooks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ansible-core: Unsafe Tagging Bypass via hostvars Object in Ansible-Core",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el9ap.src"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-test-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-test-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:ansible-test-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-config-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-server-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+activitystream-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+api_documentation-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+authentication-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+channel_auth-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+jwt_consumer-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+oauth2_provider-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rbac-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+redis_client-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rest_filters-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-test-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-test-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:ansible-test-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-config-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-server-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+activitystream-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+api_documentation-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+authentication-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+channel_auth-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+jwt_consumer-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+oauth2_provider-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rbac-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+redis_client-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rest_filters-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el9ap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-11079"
},
{
"category": "external",
"summary": "RHBZ#2325171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-11079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11079"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-11079",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11079"
}
],
"release_date": "2024-11-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-16T18:56:50+00:00",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el9ap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:11145"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, avoid using the hostvars object to reference content marked as !unsafe. Ensure that all remote data from modules or lookups is properly sanitized and validated before use in playbooks. Additionally, restrict access to inventory files and Ansible playbooks to trusted users to minimize exploitation risks.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-test-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-test-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:ansible-test-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-config-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-server-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+activitystream-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+api_documentation-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+authentication-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+channel_auth-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+jwt_consumer-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+oauth2_provider-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rbac-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+redis_client-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rest_filters-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-test-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-test-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:ansible-test-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-config-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-server-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+activitystream-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+api_documentation-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+authentication-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+channel_auth-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+jwt_consumer-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+oauth2_provider-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rbac-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+redis_client-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rest_filters-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el9ap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-test-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-test-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:ansible-test-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-config-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-server-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+activitystream-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+api_documentation-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+authentication-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+channel_auth-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+jwt_consumer-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+oauth2_provider-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rbac-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+redis_client-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rest_filters-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-test-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-test-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:ansible-test-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-config-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-server-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+activitystream-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+api_documentation-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+authentication-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+channel_auth-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+jwt_consumer-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+oauth2_provider-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rbac-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+redis_client-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rest_filters-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el9ap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ansible-core: Unsafe Tagging Bypass via hostvars Object in Ansible-Core"
},
{
"cve": "CVE-2024-11483",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2024-11-20T08:03:10.145000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-test-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-test-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:ansible-test-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-config-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+activitystream-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+api_documentation-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+authentication-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+channel_auth-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+jwt_consumer-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+oauth2_provider-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rbac-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+redis_client-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rest_filters-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-test-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-test-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:ansible-test-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-config-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+activitystream-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+api_documentation-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+authentication-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+channel_auth-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+jwt_consumer-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+oauth2_provider-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rbac-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+redis_client-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rest_filters-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el9ap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2327579"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Ansible Automation Platform (AAP). This flaw allows attackers to escalate privileges by improperly leveraging read-scoped OAuth2 tokens to gain write access. This issue affects API endpoints that rely on ansible_base.oauth2_provider for OAuth2 authentication. While the impact is limited to actions within the user\u2019s assigned permissions, it undermines scoped access controls, potentially allowing unintended modifications in the application and consuming services.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "automation-gateway: Improper Scope Handling in OAuth2 Tokens for AAP 2.5",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-server-0:2.5.20241218-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-server-0:2.5.20241218-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-test-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-test-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:ansible-test-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-config-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+activitystream-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+api_documentation-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+authentication-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+channel_auth-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+jwt_consumer-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+oauth2_provider-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rbac-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+redis_client-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rest_filters-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-test-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-test-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:ansible-test-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-config-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+activitystream-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+api_documentation-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+authentication-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+channel_auth-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+jwt_consumer-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+oauth2_provider-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rbac-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+redis_client-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rest_filters-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el9ap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-11483"
},
{
"category": "external",
"summary": "RHBZ#2327579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2327579"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-11483",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11483"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-11483",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11483"
},
{
"category": "external",
"summary": "https://github.com/ansible/django-ansible-base/commit/845b3e1838cc0762a7f9f3e0379c5274519d9a44",
"url": "https://github.com/ansible/django-ansible-base/commit/845b3e1838cc0762a7f9f3e0379c5274519d9a44"
}
],
"release_date": "2024-11-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-16T18:56:50+00:00",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-server-0:2.5.20241218-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-server-0:2.5.20241218-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:11145"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-test-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-test-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:ansible-test-1:2.16.14-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.3-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-config-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:automation-gateway-server-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+activitystream-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+api_documentation-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+authentication-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+channel_auth-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+jwt_consumer-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+oauth2_provider-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rbac-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+redis_client-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rest_filters-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-core-1:2.16.14-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5-Developer-1.2:ansible-test-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-core-1:2.16.14-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5-Inside-1.3:ansible-test-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:aap-metrics-utility-0:0.4.1-2.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:ansible-core-1:2.16.14-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:ansible-rulebook-0:1.1.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:ansible-test-1:2.16.14-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.3-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-0:2.5.20241218-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-config-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:automation-gateway-server-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+activitystream-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+api_documentation-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+authentication-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+channel_auth-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+jwt_consumer-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+oauth2_provider-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rbac-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+redis_client-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base+rest_filters-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-ansible-base-0:2.5.20241218-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-django-flags-0:5.0.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.5:python3.11-validators-0:0.34.0-1.el9ap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "automation-gateway: Improper Scope Handling in OAuth2 Tokens for AAP 2.5"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.