Action not permitted
Modal body text goes here.
CVE-2024-39330
Vulnerability from cvelistv5
Published
2024-07-10 00:00
Modified
2024-08-02 04:26
Severity
Summary
An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the django.core.files.storage.Storage base class, when they override generate_filename() without replicating the file-path validations from the parent class, potentially allow directory traversal via certain inputs during a save() call. (Built-in Storage sub-classes are unaffected.)
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39330",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-10T13:59:56.070563Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-10T14:00:05.388Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:26:14.188Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://docs.djangoproject.com/en/dev/releases/security/"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/forum/#%21forum/django-announce"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.djangoproject.com/weblog/2024/jul/09/security-releases/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the django.core.files.storage.Storage base class, when they override generate_filename() without replicating the file-path validations from the parent class, potentially allow directory traversal via certain inputs during a save() call. (Built-in Storage sub-classes are unaffected.)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-10T04:49:58.757985",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://docs.djangoproject.com/en/dev/releases/security/"
},
{
"url": "https://groups.google.com/forum/#%21forum/django-announce"
},
{
"url": "https://www.djangoproject.com/weblog/2024/jul/09/security-releases/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-39330",
"datePublished": "2024-07-10T00:00:00",
"dateReserved": "2024-06-23T00:00:00",
"dateUpdated": "2024-08-02T04:26:14.188Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-39330\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2024-07-10T05:15:12.167\",\"lastModified\":\"2024-07-11T13:05:54.930\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the django.core.files.storage.Storage base class, when they override generate_filename() without replicating the file-path validations from the parent class, potentially allow directory traversal via certain inputs during a save() call. (Built-in Storage sub-classes are unaffected.)\"},{\"lang\":\"es\",\"value\":\"Se descubri\u00f3 un problema en Django 5.0 anterior a 5.0.7 y 4.2 anterior a 4.2.14. Las clases derivadas de la clase base django.core.files.storage.Storage, cuando anulan generate_filename() sin replicar las validaciones de ruta de archivo de la clase principal, potencialmente permiten directory traversal a trav\u00e9s de ciertas entradas durante una llamada save(). (Las subclases de almacenamiento integrado no se ven afectadas).\"}],\"metrics\":{},\"references\":[{\"url\":\"https://docs.djangoproject.com/en/dev/releases/security/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://groups.google.com/forum/#%21forum/django-announce\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.djangoproject.com/weblog/2024/jul/09/security-releases/\",\"source\":\"cve@mitre.org\"}]}}"
}
}
rhsa-2024_6428
Vulnerability from csaf_redhat
Published
2024-09-05 14:13
Modified
2024-09-14 03:14
Summary
Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update
Notes
Topic
An update is now available for Red Hat Ansible Automation Platform 2.4
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.
Security Fix(es):
* automation-controller: Django: Potential SQL injection in QuerySet.values() and values_list() (CVE-2024-42005)
* automation-controller: Django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget (CVE-2024-41991)
* automation-controller: Django: Potential denial-of-service vulnerability in django.utils.html.urlize() (CVE-2024-41990)
* automation-controller: python-jose: algorithm confusion with OpenSSH ECDSA keys and other key formats (CVE-2024-33663)
* automation-controller: python-social-auth: Improper Handling of Case Sensitivity in social-auth-app-django (CVE-2024-32879)
* automation-controller: Gain access to the k8s API server via job execution with Container Group (CVE-2024-6840)
* python3/python39-django: Potential SQL injection in QuerySet.values() and values_list() (CVE-2024-42005)
* python3/python39-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget (CVE-2024-41991)
* python3/python39-django: Potential denial-of-service vulnerability in django.utils.html.urlize() (CVE-2024-41990)
* python3/python39-django: Memory exhaustion in django.utils.numberformat.floatformat() (CVE-2024-41989)
* python3/python39-django: Potential denial-of-service in django.utils.translation.get_supported_language_variant() (CVE-2024-39614)
* python3/python39-django: Potential directory-traversal in django.core.files.storage.Storage.save() (CVE-2024-39330)
* python3/python39-django: Username enumeration through timing difference for users with unusable passwords (CVE-2024-39329)
* python3/python39-django: Potential denial-of-service in django.utils.html.urlize() (CVE-2024-38875)
* python3/python39-grpcio: client communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend (CVE-2024-7246)
* python3/python39-zipp: Denial of Service (infinite loop) via crafted zip file (CVE-2024-5569)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updates and fixes for automation controller:
* Updated the receptor to not automatically release the receptor work unit when "RECEPTOR_KEEP_WORK_ON_ERROR" is set to true (AAP-27635)
* Updated the Help link in the REST API to point to the latest API Reference documentation (AAP-27573)
* Fixed a timeout error in the UI when trying to load the Activity Stream (AAP-26772)
* automation-controller has been updated to 4.5.10
Updates and fixes for automation hub:
* API browser now correctly escapes JSON values (AAH-3272, AAP-14463)
* python3/python39-pulpcore has been updated to 3.28.31
* python3/python39-pulp-ansible has been updated to 0.20.8
Additional fixes:
* Gunicorn python package will no longer obsolete itself when checking for or applying updates (AAP-28364)
* python3/python39-django has been updated to 4.2.15
* python3/python39-grpcio has been updated to 1.58.3
* python3/python39-jmespath has been updated to 0.10.0-5
* python3/python39-zipp has been updated to 3.19.2
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Ansible Automation Platform 2.4\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.\n\nSecurity Fix(es):\n\n* automation-controller: Django: Potential SQL injection in QuerySet.values() and values_list() (CVE-2024-42005)\n* automation-controller: Django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget (CVE-2024-41991)\n* automation-controller: Django: Potential denial-of-service vulnerability in django.utils.html.urlize() (CVE-2024-41990)\n* automation-controller: python-jose: algorithm confusion with OpenSSH ECDSA keys and other key formats (CVE-2024-33663)\n* automation-controller: python-social-auth: Improper Handling of Case Sensitivity in social-auth-app-django (CVE-2024-32879)\n* automation-controller: Gain access to the k8s API server via job execution with Container Group (CVE-2024-6840)\n* python3/python39-django: Potential SQL injection in QuerySet.values() and values_list() (CVE-2024-42005)\n* python3/python39-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget (CVE-2024-41991)\n* python3/python39-django: Potential denial-of-service vulnerability in django.utils.html.urlize() (CVE-2024-41990)\n* python3/python39-django: Memory exhaustion in django.utils.numberformat.floatformat() (CVE-2024-41989)\n* python3/python39-django: Potential denial-of-service in django.utils.translation.get_supported_language_variant() (CVE-2024-39614)\n* python3/python39-django: Potential directory-traversal in django.core.files.storage.Storage.save() (CVE-2024-39330)\n* python3/python39-django: Username enumeration through timing difference for users with unusable passwords (CVE-2024-39329)\n* python3/python39-django: Potential denial-of-service in django.utils.html.urlize() (CVE-2024-38875)\n* python3/python39-grpcio: client communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend (CVE-2024-7246)\n* python3/python39-zipp: Denial of Service (infinite loop) via crafted zip file (CVE-2024-5569)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nUpdates and fixes for automation controller:\n* Updated the receptor to not automatically release the receptor work unit when \"RECEPTOR_KEEP_WORK_ON_ERROR\" is set to true (AAP-27635)\n* Updated the Help link in the REST API to point to the latest API Reference documentation (AAP-27573)\n* Fixed a timeout error in the UI when trying to load the Activity Stream (AAP-26772)\n* automation-controller has been updated to 4.5.10\n\nUpdates and fixes for automation hub:\n* API browser now correctly escapes JSON values (AAH-3272, AAP-14463)\n* python3/python39-pulpcore has been updated to 3.28.31\n* python3/python39-pulp-ansible has been updated to 0.20.8\n\nAdditional fixes:\n* Gunicorn python package will no longer obsolete itself when checking for or applying updates (AAP-28364)\n* python3/python39-django has been updated to 4.2.15\n* python3/python39-grpcio has been updated to 1.58.3\n* python3/python39-jmespath has been updated to 0.10.0-5\n* python3/python39-zipp has been updated to 3.19.2",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:6428",
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2277035",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277035"
},
{
"category": "external",
"summary": "2277297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277297"
},
{
"category": "external",
"summary": "2295935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295935"
},
{
"category": "external",
"summary": "2295936",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295936"
},
{
"category": "external",
"summary": "2295937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295937"
},
{
"category": "external",
"summary": "2295938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295938"
},
{
"category": "external",
"summary": "2296413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296413"
},
{
"category": "external",
"summary": "2298492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298492"
},
{
"category": "external",
"summary": "2302433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302433"
},
{
"category": "external",
"summary": "2302434",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302434"
},
{
"category": "external",
"summary": "2302435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302435"
},
{
"category": "external",
"summary": "2302436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302436"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6428.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update",
"tracking": {
"current_release_date": "2024-09-14T03:14:43+00:00",
"generator": {
"date": "2024-09-14T03:14:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2024:6428",
"initial_release_date": "2024-09-05T14:13:20+00:00",
"revision_history": [
{
"date": "2024-09-05T14:13:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-09-05T14:13:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-14T03:14:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform:2.4::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform:2.4::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Ansible Automation Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "python-pulpcore-0:3.28.31-1.el9ap.src",
"product": {
"name": "python-pulpcore-0:3.28.31-1.el9ap.src",
"product_id": "python-pulpcore-0:3.28.31-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulpcore@3.28.31-1.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulp-ansible-1:0.20.8-1.el9ap.src",
"product": {
"name": "python-pulp-ansible-1:0.20.8-1.el9ap.src",
"product_id": "python-pulp-ansible-1:0.20.8-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulp-ansible@0.20.8-1.el9ap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-gunicorn-0:22.0.0-2.el9ap.src",
"product": {
"name": "python-gunicorn-0:22.0.0-2.el9ap.src",
"product_id": "python-gunicorn-0:22.0.0-2.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-gunicorn@22.0.0-2.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-django-0:4.2.15-1.el9ap.src",
"product": {
"name": "python-django-0:4.2.15-1.el9ap.src",
"product_id": "python-django-0:4.2.15-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-django@4.2.15-1.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-zipp-0:3.19.2-1.el9ap.src",
"product": {
"name": "python-zipp-0:3.19.2-1.el9ap.src",
"product_id": "python-zipp-0:3.19.2-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-zipp@3.19.2-1.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-grpcio-0:1.58.3-1.el9ap.src",
"product": {
"name": "python-grpcio-0:1.58.3-1.el9ap.src",
"product_id": "python-grpcio-0:1.58.3-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-grpcio@1.58.3-1.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el9ap.src",
"product": {
"name": "automation-controller-0:4.5.10-1.el9ap.src",
"product_id": "automation-controller-0:4.5.10-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-jmespath-0:0.10.0-5.el9ap.src",
"product": {
"name": "python-jmespath-0:0.10.0-5.el9ap.src",
"product_id": "python-jmespath-0:0.10.0-5.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-jmespath@0.10.0-5.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3x-pulpcore-0:3.28.31-1.el8ap.src",
"product": {
"name": "python3x-pulpcore-0:3.28.31-1.el8ap.src",
"product_id": "python3x-pulpcore-0:3.28.31-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-pulpcore@3.28.31-1.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"product": {
"name": "python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"product_id": "python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-pulp-ansible@0.20.8-1.el8ap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python3x-gunicorn-0:22.0.0-2.el8ap.src",
"product": {
"name": "python3x-gunicorn-0:22.0.0-2.el8ap.src",
"product_id": "python3x-gunicorn-0:22.0.0-2.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-gunicorn@22.0.0-2.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3x-django-0:4.2.15-1.el8ap.src",
"product": {
"name": "python3x-django-0:4.2.15-1.el8ap.src",
"product_id": "python3x-django-0:4.2.15-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-django@4.2.15-1.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3x-grpcio-0:1.58.3-1.el8ap.src",
"product": {
"name": "python3x-grpcio-0:1.58.3-1.el8ap.src",
"product_id": "python3x-grpcio-0:1.58.3-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-grpcio@1.58.3-1.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el8ap.src",
"product": {
"name": "automation-controller-0:4.5.10-1.el8ap.src",
"product_id": "automation-controller-0:4.5.10-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3x-jmespath-0:0.10.0-5.el8ap.src",
"product": {
"name": "python3x-jmespath-0:0.10.0-5.el8ap.src",
"product_id": "python3x-jmespath-0:0.10.0-5.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-jmespath@0.10.0-5.el8ap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"product": {
"name": "python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"product_id": "python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pulpcore@3.28.31-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"product": {
"name": "python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"product_id": "python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pulp-ansible@0.20.8-1.el9ap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"product": {
"name": "python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"product_id": "python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-gunicorn@22.0.0-2.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-django-0:4.2.15-1.el9ap.noarch",
"product": {
"name": "python3-django-0:4.2.15-1.el9ap.noarch",
"product_id": "python3-django-0:4.2.15-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-django@4.2.15-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-zipp-0:3.19.2-1.el9ap.noarch",
"product": {
"name": "python3-zipp-0:3.19.2-1.el9ap.noarch",
"product_id": "python3-zipp-0:3.19.2-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-zipp@3.19.2-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"product": {
"name": "automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"product_id": "automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-cli@4.5.10-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-server-0:4.5.10-1.el9ap.noarch",
"product": {
"name": "automation-controller-server-0:4.5.10-1.el9ap.noarch",
"product_id": "automation-controller-server-0:4.5.10-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-server@4.5.10-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"product": {
"name": "automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"product_id": "automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-ui@4.5.10-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-jmespath-0:0.10.0-5.el9ap.noarch",
"product": {
"name": "python3-jmespath-0:0.10.0-5.el9ap.noarch",
"product_id": "python3-jmespath-0:0.10.0-5.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-jmespath@0.10.0-5.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"product": {
"name": "python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"product_id": "python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-pulpcore@3.28.31-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"product": {
"name": "python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"product_id": "python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-pulp-ansible@0.20.8-1.el8ap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"product": {
"name": "python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"product_id": "python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-gunicorn@22.0.0-2.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-django-0:4.2.15-1.el8ap.noarch",
"product": {
"name": "python39-django-0:4.2.15-1.el8ap.noarch",
"product_id": "python39-django-0:4.2.15-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-django@4.2.15-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-zipp-0:3.19.2-1.el8ap.noarch",
"product": {
"name": "python39-zipp-0:3.19.2-1.el8ap.noarch",
"product_id": "python39-zipp-0:3.19.2-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-zipp@3.19.2-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"product": {
"name": "automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"product_id": "automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-cli@4.5.10-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-server-0:4.5.10-1.el8ap.noarch",
"product": {
"name": "automation-controller-server-0:4.5.10-1.el8ap.noarch",
"product_id": "automation-controller-server-0:4.5.10-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-server@4.5.10-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"product": {
"name": "automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"product_id": "automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-ui@4.5.10-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-jmespath-0:0.10.0-5.el8ap.noarch",
"product": {
"name": "python39-jmespath-0:0.10.0-5.el8ap.noarch",
"product_id": "python39-jmespath-0:0.10.0-5.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-jmespath@0.10.0-5.el8ap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"product": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"product_id": "python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio@1.58.3-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"product": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"product_id": "python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-grpcio-debugsource@1.58.3-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"product": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"product_id": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-debuginfo@1.58.3-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"product": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"product_id": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-tools-debuginfo@1.58.3-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el9ap.x86_64",
"product": {
"name": "automation-controller-0:4.5.10-1.el9ap.x86_64",
"product_id": "automation-controller-0:4.5.10-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"product": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"product_id": "python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio@1.58.3-1.el8ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"product": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"product_id": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-grpcio-debugsource@1.58.3-1.el8ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"product": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"product_id": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-debuginfo@1.58.3-1.el8ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"product": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"product_id": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-tools-debuginfo@1.58.3-1.el8ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el8ap.x86_64",
"product": {
"name": "automation-controller-0:4.5.10-1.el8ap.x86_64",
"product_id": "automation-controller-0:4.5.10-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el8ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el8ap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"product": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"product_id": "python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio@1.58.3-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"product": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"product_id": "python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-grpcio-debugsource@1.58.3-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"product": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"product_id": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-debuginfo@1.58.3-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"product": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"product_id": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-tools-debuginfo@1.58.3-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el9ap.ppc64le",
"product": {
"name": "automation-controller-0:4.5.10-1.el9ap.ppc64le",
"product_id": "automation-controller-0:4.5.10-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"product": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"product_id": "python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio@1.58.3-1.el8ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"product": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"product_id": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-grpcio-debugsource@1.58.3-1.el8ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"product": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"product_id": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-debuginfo@1.58.3-1.el8ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"product": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"product_id": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-tools-debuginfo@1.58.3-1.el8ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el8ap.ppc64le",
"product": {
"name": "automation-controller-0:4.5.10-1.el8ap.ppc64le",
"product_id": "automation-controller-0:4.5.10-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el8ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el8ap?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-grpcio-0:1.58.3-1.el9ap.s390x",
"product": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.s390x",
"product_id": "python3-grpcio-0:1.58.3-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio@1.58.3-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"product": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"product_id": "python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-grpcio-debugsource@1.58.3-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"product": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"product_id": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-debuginfo@1.58.3-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"product": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"product_id": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-tools-debuginfo@1.58.3-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el9ap.s390x",
"product": {
"name": "automation-controller-0:4.5.10-1.el9ap.s390x",
"product_id": "automation-controller-0:4.5.10-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-0:1.58.3-1.el8ap.s390x",
"product": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.s390x",
"product_id": "python39-grpcio-0:1.58.3-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio@1.58.3-1.el8ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"product": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"product_id": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-grpcio-debugsource@1.58.3-1.el8ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"product": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"product_id": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-debuginfo@1.58.3-1.el8ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"product": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"product_id": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-tools-debuginfo@1.58.3-1.el8ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el8ap.s390x",
"product": {
"name": "automation-controller-0:4.5.10-1.el8ap.s390x",
"product_id": "automation-controller-0:4.5.10-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el8ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el8ap?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"product": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"product_id": "python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio@1.58.3-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"product": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"product_id": "python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-grpcio-debugsource@1.58.3-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"product": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"product_id": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-debuginfo@1.58.3-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"product": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"product_id": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-tools-debuginfo@1.58.3-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el9ap.aarch64",
"product": {
"name": "automation-controller-0:4.5.10-1.el9ap.aarch64",
"product_id": "automation-controller-0:4.5.10-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"product": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"product_id": "python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio@1.58.3-1.el8ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"product": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"product_id": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-grpcio-debugsource@1.58.3-1.el8ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"product": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"product_id": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-debuginfo@1.58.3-1.el8ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"product": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"product_id": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-tools-debuginfo@1.58.3-1.el8ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el8ap.aarch64",
"product": {
"name": "automation-controller-0:4.5.10-1.el8ap.aarch64",
"product_id": "automation-controller-0:4.5.10-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el8ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el8ap?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-cli-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch"
},
"product_reference": "automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-server-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch"
},
"product_reference": "automation-controller-server-0:4.5.10-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-ui-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch"
},
"product_reference": "automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-zipp-0:3.19.2-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch"
},
"product_reference": "python39-zipp-0:3.19.2-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-zipp-0:3.19.2-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch"
},
"product_reference": "python39-zipp-0:3.19.2-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-cli-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch"
},
"product_reference": "automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-server-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch"
},
"product_reference": "automation-controller-server-0:4.5.10-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-ui-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch"
},
"product_reference": "automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-django-0:4.2.15-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch"
},
"product_reference": "python39-django-0:4.2.15-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64"
},
"product_reference": "python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le"
},
"product_reference": "python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x"
},
"product_reference": "python39-grpcio-0:1.58.3-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64"
},
"product_reference": "python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64"
},
"product_reference": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le"
},
"product_reference": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x"
},
"product_reference": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64"
},
"product_reference": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64"
},
"product_reference": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le"
},
"product_reference": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x"
},
"product_reference": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64"
},
"product_reference": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-gunicorn-0:22.0.0-2.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch"
},
"product_reference": "python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-jmespath-0:0.10.0-5.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch"
},
"product_reference": "python39-jmespath-0:0.10.0-5.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-ansible-1:0.20.8-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch"
},
"product_reference": "python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulpcore-0:3.28.31-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch"
},
"product_reference": "python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-zipp-0:3.19.2-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch"
},
"product_reference": "python39-zipp-0:3.19.2-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-django-0:4.2.15-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src"
},
"product_reference": "python3x-django-0:4.2.15-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-grpcio-0:1.58.3-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src"
},
"product_reference": "python3x-grpcio-0:1.58.3-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64"
},
"product_reference": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le"
},
"product_reference": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x"
},
"product_reference": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64"
},
"product_reference": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-gunicorn-0:22.0.0-2.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src"
},
"product_reference": "python3x-gunicorn-0:22.0.0-2.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-jmespath-0:0.10.0-5.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src"
},
"product_reference": "python3x-jmespath-0:0.10.0-5.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-pulp-ansible-1:0.20.8-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src"
},
"product_reference": "python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-pulpcore-0:3.28.31-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src"
},
"product_reference": "python3x-pulpcore-0:3.28.31-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-cli-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch"
},
"product_reference": "automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-server-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch"
},
"product_reference": "automation-controller-server-0:4.5.10-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-ui-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch"
},
"product_reference": "automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-zipp-0:3.19.2-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src"
},
"product_reference": "python-zipp-0:3.19.2-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-zipp-0:3.19.2-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch"
},
"product_reference": "python3-zipp-0:3.19.2-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-zipp-0:3.19.2-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src"
},
"product_reference": "python-zipp-0:3.19.2-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-zipp-0:3.19.2-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch"
},
"product_reference": "python3-zipp-0:3.19.2-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-cli-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch"
},
"product_reference": "automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-server-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch"
},
"product_reference": "automation-controller-server-0:4.5.10-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-ui-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch"
},
"product_reference": "automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-django-0:4.2.15-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src"
},
"product_reference": "python-django-0:4.2.15-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-grpcio-0:1.58.3-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src"
},
"product_reference": "python-grpcio-0:1.58.3-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64"
},
"product_reference": "python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le"
},
"product_reference": "python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x"
},
"product_reference": "python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64"
},
"product_reference": "python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-gunicorn-0:22.0.0-2.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src"
},
"product_reference": "python-gunicorn-0:22.0.0-2.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-jmespath-0:0.10.0-5.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src"
},
"product_reference": "python-jmespath-0:0.10.0-5.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-ansible-1:0.20.8-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src"
},
"product_reference": "python-pulp-ansible-1:0.20.8-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulpcore-0:3.28.31-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src"
},
"product_reference": "python-pulpcore-0:3.28.31-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-zipp-0:3.19.2-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src"
},
"product_reference": "python-zipp-0:3.19.2-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-django-0:4.2.15-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
},
"product_reference": "python3-django-0:4.2.15-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64"
},
"product_reference": "python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le"
},
"product_reference": "python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x"
},
"product_reference": "python3-grpcio-0:1.58.3-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64"
},
"product_reference": "python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64"
},
"product_reference": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le"
},
"product_reference": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x"
},
"product_reference": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64"
},
"product_reference": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64"
},
"product_reference": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le"
},
"product_reference": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x"
},
"product_reference": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64"
},
"product_reference": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-gunicorn-0:22.0.0-2.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch"
},
"product_reference": "python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-jmespath-0:0.10.0-5.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch"
},
"product_reference": "python3-jmespath-0:0.10.0-5.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pulp-ansible-1:0.20.8-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch"
},
"product_reference": "python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pulpcore-0:3.28.31-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch"
},
"product_reference": "python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-zipp-0:3.19.2-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
},
"product_reference": "python3-zipp-0:3.19.2-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-5569",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-07-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2296413"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jaraco/zipp. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jaraco/zipp: Denial of Service (infinite loop) via crafted zip file in jaraco/zipp",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-5569"
},
{
"category": "external",
"summary": "RHBZ#2296413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-5569",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5569"
},
{
"category": "external",
"summary": "https://github.com/jaraco/zipp/commit/fd604bd34f0343472521a36da1fbd22e793e14fd",
"url": "https://github.com/jaraco/zipp/commit/fd604bd34f0343472521a36da1fbd22e793e14fd"
},
{
"category": "external",
"summary": "https://huntr.com/bounties/be898306-11f9-46b4-b28c-f4c4aa4ffbae",
"url": "https://huntr.com/bounties/be898306-11f9-46b4-b28c-f4c4aa4ffbae"
}
],
"release_date": "2024-07-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/jaraco/zipp: Denial of Service (infinite loop) via crafted zip file in jaraco/zipp"
},
{
"cve": "CVE-2024-6840",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2024-07-17T18:01:46+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298492"
}
],
"notes": [
{
"category": "description",
"text": "An improper authorization flaw exists in the Ansible Automation Controller. This flaw allows an attacker using the k8S API server to send an HTTP request with a service account token mounted via `automountServiceAccountToken: true`, resulting in privilege escalation to a service account.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "automation-controller: Gain access to the k8s API server via job execution with Container Group",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-6840"
},
{
"category": "external",
"summary": "RHBZ#2298492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298492"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-6840",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6840"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-6840",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6840"
}
],
"release_date": "2024-09-05T09:09:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "automation-controller: Gain access to the k8s API server via job execution with Container Group"
},
{
"cve": "CVE-2024-7246",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"discovery_date": "2024-08-06T11:20:24.557753+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2303104"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Google gRPC due to HPACK table poisoning between the proxy and backend so that other clients see failed requests, resulting in a denial of service. This occurs because the error status for a misencoded header is not cleared between header reads, resulting in subsequent (incrementally indexed) added headers in the first request being poisoned until cleared from the HPACK table. By sending a specially crafted request, an attacker could leak other clients HTTP header keys. Attackers are only able to access HTTP header keys but not values.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "grpc: client communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is specific to C++ implementations of gRPC release and does not affect Golang or Java implementations of gRPC.\n\nThe gRPC RPM was packaged with Openshift via the Kuryr component. However, Kuryr was never configured to run code using the gRPC library, hence, grpcio dependency has been removed from Kuryr since Openshift-4.12.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-7246"
},
{
"category": "external",
"summary": "RHBZ#2303104",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303104"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-7246",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7246"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-7246",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7246"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc/issues/36245",
"url": "https://github.com/grpc/grpc/issues/36245"
}
],
"release_date": "2024-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "grpc: client communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend"
},
{
"cve": "CVE-2024-32879",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2024-04-25T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2277035"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in social-auth-app-django. In affected versions of this package, due to default case-insensitive collation in MySQL or MariaDB databases, third-party authentication user IDs are not case-sensitive and could cause different IDs to match.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-social-auth: Improper Handling of Case Sensitivity in social-auth-app-django",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-32879"
},
{
"category": "external",
"summary": "RHBZ#2277035",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277035"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-32879",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32879"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-32879",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32879"
},
{
"category": "external",
"summary": "https://github.com/python-social-auth/social-app-django/security/advisories/GHSA-2gr8-3wc7-xhj3",
"url": "https://github.com/python-social-auth/social-app-django/security/advisories/GHSA-2gr8-3wc7-xhj3"
}
],
"release_date": "2024-04-24T06:57:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-social-auth: Improper Handling of Case Sensitivity in social-auth-app-django"
},
{
"cve": "CVE-2024-33663",
"discovery_date": "2024-04-26T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2277297"
}
],
"notes": [
{
"category": "description",
"text": "python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key formats. This is similar to CVE-2022-29217.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-jose: algorithm confusion with OpenSSH ECDSA keys and other key formats",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-33663"
},
{
"category": "external",
"summary": "RHBZ#2277297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277297"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-33663",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33663"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-33663",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33663"
}
],
"release_date": "2024-04-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-jose: algorithm confusion with OpenSSH ECDSA keys and other key formats"
},
{
"cve": "CVE-2024-38875",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"discovery_date": "2024-07-05T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295935"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Python-Django in django.utils.html.urlize() function. The issue triggers when it is parsed with certain inputs with a very large number of brackets, leading to a potential denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential denial-of-service in django.utils.html.urlize()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38875"
},
{
"category": "external",
"summary": "RHBZ#2295935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295935"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38875"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38875",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38875"
}
],
"release_date": "2024-07-26T06:26:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Potential denial-of-service in django.utils.html.urlize()"
},
{
"cve": "CVE-2024-39329",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2024-07-05T09:46:29+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295936"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Python-Django in the django.contrib.auth.backends.ModelBackend.authenticate() method. This flaw allows remote attackers to enumerate users via a timing attack involving login requests for users with unusable passwords.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Username enumeration through timing difference for users with unusable passwords",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39329"
},
{
"category": "external",
"summary": "RHBZ#2295936",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295936"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39329",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39329"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39329",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39329"
}
],
"release_date": "2024-07-09T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "python-django: Username enumeration through timing difference for users with unusable passwords"
},
{
"cve": "CVE-2024-39330",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2024-07-05T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295937"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Python-Django in the Derived classes of the django.core.files.storage.Storage base class that overrides the generate_filename() without replicating the file path validations existing in the parent class. This flaw allows potential directory traversal via certain inputs when calling save(). Built-in Storage sub-classes were not affected by this vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential directory-traversal in django.core.files.storage.Storage.save()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39330"
},
{
"category": "external",
"summary": "RHBZ#2295937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295937"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39330",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39330"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39330",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39330"
}
],
"release_date": "2024-07-09T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "python-django: Potential directory-traversal in django.core.files.storage.Storage.save()"
},
{
"cve": "CVE-2024-39614",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"discovery_date": "2024-07-05T09:46:30+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295938"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Python-Django in the get_supported_language_variant() function. The issue triggers when parsed with very long strings, including a specific set of characters, leading to a potential denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential denial-of-service in django.utils.translation.get_supported_language_variant()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39614"
},
{
"category": "external",
"summary": "RHBZ#2295938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295938"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39614",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39614"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39614",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39614"
}
],
"release_date": "2024-07-09T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Potential denial-of-service in django.utils.translation.get_supported_language_variant()"
},
{
"cve": "CVE-2024-41989",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-08-02T01:40:06+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302433"
}
],
"notes": [
{
"category": "description",
"text": "A security issue was found in Django. If \u0027floatformat\u0027 received a string representation of a number in scientific notation with a large exponent, it could lead to significant memory consumption. To avoid this, decimals with more than 200 digits are now returned as is.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Memory exhaustion in django.utils.numberformat.floatformat()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is categorized as moderate severity rather than important because, while it has the potential to cause significant memory consumption under specific conditions, the likelihood of such a scenario occurring in typical applications is relatively low. The issue arises primarily when processing extremely large numbers in scientific notation, which is not a common use case in most Django applications. Additionally, the impact is localized to the floatformat function, and the issue does not expose sensitive data or compromise the integrity of the application.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41989"
},
{
"category": "external",
"summary": "RHBZ#2302433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302433"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41989"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41989",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41989"
}
],
"release_date": "2024-08-06T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Memory exhaustion in django.utils.numberformat.floatformat()"
},
{
"cve": "CVE-2024-41990",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"discovery_date": "2024-08-02T01:52:36+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302434"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Django. Processing very large inputs with a specific sequence of characters with the urlize and urlizetrunc functions can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41990"
},
{
"category": "external",
"summary": "RHBZ#2302434",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302434"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41990"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41990",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41990"
},
{
"category": "external",
"summary": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/",
"url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/"
}
],
"release_date": "2024-08-06T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Implementing input validation and limiting the the size of inputs to the urlize and urlizetrunc will mitigate this vulnerability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize()"
},
{
"cve": "CVE-2024-41991",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-08-02T02:03:22+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Django. \u0027urlize\u0027, \u0027urlizetrunc\u0027, and \u0027AdminURLFieldWidget\u0027 may be subject to a denial of service attack via certain inputs with a very large number of Unicode characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The identified vulnerability in Django\u0027s urlize, urlizetrunc template filters, and the AdminURLFieldWidget widget is classified as moderate severity rather than important due to its specific attack vector and impact. While the flaw allows for a potential denial-of-service (DoS) attack via inputs with a large number of Unicode characters, exploiting this vulnerability requires a significant volume of data to be processed by these components, which is a non-trivial task. Additionally, standard mitigation measures such as input validation, rate limiting, and monitoring can effectively reduce the risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41991"
},
{
"category": "external",
"summary": "RHBZ#2302435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41991",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41991"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41991",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41991"
},
{
"category": "external",
"summary": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/",
"url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/"
}
],
"release_date": "2024-08-06T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget"
},
{
"cve": "CVE-2024-42005",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2024-08-02T02:08:30+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302436"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Django. The QuerySet.values() and QuerySet.values_list() methods on models with a JSONField were subject to SQL injection in column aliases via a crafted JSON object key as a passed *arg.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential SQL injection in QuerySet.values() and values_list()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered of moderate severity rather than high or critical because it requires specific conditions to be exploitable. The potential for SQL injection exists only when QuerySet.values() or values_list() methods are used on models with a JSONField, and an attacker must have control over the JSON object keys passed as arguments. In typical use cases, these methods are often used with predefined or controlled data, limiting the attack surface. Furthermore, the impact is constrained to the manipulation of column aliases, rather than direct injection into more critical parts of the SQL query, reducing the overall risk compared to more direct forms of SQL injection vulnerabilities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-42005"
},
{
"category": "external",
"summary": "RHBZ#2302436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302436"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-42005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42005"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42005",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42005"
},
{
"category": "external",
"summary": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/",
"url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/"
}
],
"release_date": "2024-08-06T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Potential SQL injection in QuerySet.values() and values_list()"
}
]
}
wid-sec-w-2024-1569
Vulnerability from csaf_certbund
Published
2024-07-09 22:00
Modified
2024-07-22 22:00
Summary
Django: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Django ist ein in Python geschriebenes serverseitiges Web-Framework, das einem Model-View-Presenter-Schema folgt.
Angriff
Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in Django ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder vertrauliche Informationen offenzulegen.
Betroffene Betriebssysteme
- Linux
- Sonstiges
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Django ist ein in Python geschriebenes serverseitiges Web-Framework, das einem Model-View-Presenter-Schema folgt.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in Django ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder vertrauliche Informationen offenzulegen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1569 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1569.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1569 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1569"
},
{
"category": "external",
"summary": "Django security releases vom 2024-07-09",
"url": "https://www.djangoproject.com/weblog/2024/jul/09/security-releases/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6888-1 vom 2024-07-09",
"url": "https://ubuntu.com/security/notices/USN-6888-1"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-D05D37EAD7 vom 2024-07-10",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-d05d37ead7"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-82547E3E16 vom 2024-07-10",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-82547e3e16"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-A7EEF0CA7B vom 2024-07-10",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-a7eef0ca7b"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-7DAC82A14E vom 2024-07-10",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-7dac82a14e"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2024-998AB9C7FA vom 2024-07-10",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-998ab9c7fa"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6888-2 vom 2024-07-11",
"url": "https://ubuntu.com/security/notices/USN-6888-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2545-1 vom 2024-07-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018995.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2577-1 vom 2024-07-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/019014.html"
}
],
"source_lang": "en-US",
"title": "Django: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-07-22T22:00:00.000+00:00",
"generator": {
"date": "2024-07-23T08:02:59.776+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.0"
}
},
"id": "WID-SEC-W-2024-1569",
"initial_release_date": "2024-07-09T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-07-09T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-07-10T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2024-07-11T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-07-17T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-07-22T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "5"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c5.0.7",
"product": {
"name": "Open Source Django \u003c5.0.7",
"product_id": "T035962",
"product_identification_helper": {
"cpe": "cpe:/a:djangoproject:django:5.0.7"
}
}
},
{
"category": "product_version_range",
"name": "\u003c4.2.14",
"product": {
"name": "Open Source Django \u003c4.2.14",
"product_id": "T035963",
"product_identification_helper": {
"cpe": "cpe:/a:djangoproject:django:4.2.14"
}
}
}
],
"category": "product_name",
"name": "Django"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-38875",
"notes": [
{
"category": "description",
"text": "In Django bestehen mehrere Schwachstellen, die auf verschiedene sicherheitsrelevante Probleme zur\u00fcckzuf\u00fchren sind, wie z. B. eine unsachgem\u00e4\u00dfe Neutralisierung von Eingaben, ein Directory-Traversal oder eine unsachgem\u00e4\u00dfe Behandlung bestimmter Zeichen und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder vertrauliche Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T002207",
"T000126",
"74185"
]
},
"release_date": "2024-07-09T22:00:00Z",
"title": "CVE-2024-38875"
},
{
"cve": "CVE-2024-39329",
"notes": [
{
"category": "description",
"text": "In Django bestehen mehrere Schwachstellen, die auf verschiedene sicherheitsrelevante Probleme zur\u00fcckzuf\u00fchren sind, wie z. B. eine unsachgem\u00e4\u00dfe Neutralisierung von Eingaben, ein Directory-Traversal oder eine unsachgem\u00e4\u00dfe Behandlung bestimmter Zeichen und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder vertrauliche Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T002207",
"T000126",
"74185"
]
},
"release_date": "2024-07-09T22:00:00Z",
"title": "CVE-2024-39329"
},
{
"cve": "CVE-2024-39330",
"notes": [
{
"category": "description",
"text": "In Django bestehen mehrere Schwachstellen, die auf verschiedene sicherheitsrelevante Probleme zur\u00fcckzuf\u00fchren sind, wie z. B. eine unsachgem\u00e4\u00dfe Neutralisierung von Eingaben, ein Directory-Traversal oder eine unsachgem\u00e4\u00dfe Behandlung bestimmter Zeichen und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder vertrauliche Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T002207",
"T000126",
"74185"
]
},
"release_date": "2024-07-09T22:00:00Z",
"title": "CVE-2024-39330"
},
{
"cve": "CVE-2024-39614",
"notes": [
{
"category": "description",
"text": "In Django bestehen mehrere Schwachstellen, die auf verschiedene sicherheitsrelevante Probleme zur\u00fcckzuf\u00fchren sind, wie z. B. eine unsachgem\u00e4\u00dfe Neutralisierung von Eingaben, ein Directory-Traversal oder eine unsachgem\u00e4\u00dfe Behandlung bestimmter Zeichen und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder vertrauliche Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T002207",
"T000126",
"74185"
]
},
"release_date": "2024-07-09T22:00:00Z",
"title": "CVE-2024-39614"
}
]
}
ghsa-9jmf-237g-qf46
Vulnerability from github
Published
2024-07-10 06:33
Modified
2024-07-10 21:41
Severity
7.5 (High) - CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
8.7 (High) - CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
8.7 (High) - CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Summary
Django Path Traversal vulnerability
Details
An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the django.core.files.storage.Storage base class, when they override generate_filename() without replicating the file-path validations from the parent class, potentially allow directory traversal via certain inputs during a save() call. (Built-in Storage sub-classes are unaffected.)
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "Django"
},
"ranges": [
{
"events": [
{
"introduced": "5.0"
},
{
"fixed": "5.0.7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "Django"
},
"ranges": [
{
"events": [
{
"introduced": "4.2"
},
{
"fixed": "4.2.14"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-39330"
],
"database_specific": {
"cwe_ids": [
"CWE-22"
],
"github_reviewed": true,
"github_reviewed_at": "2024-07-10T21:41:33Z",
"nvd_published_at": "2024-07-10T05:15:12Z",
"severity": "HIGH"
},
"details": "An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the `django.core.files.storage.Storage` base class, when they override `generate_filename()` without replicating the file-path validations from the parent class, potentially allow directory traversal via certain inputs during a `save()` call. (Built-in Storage sub-classes are unaffected.)",
"id": "GHSA-9jmf-237g-qf46",
"modified": "2024-07-10T21:41:33Z",
"published": "2024-07-10T06:33:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39330"
},
{
"type": "WEB",
"url": "https://github.com/django/django/commit/2b00edc0151a660d1eb86da4059904a0fc4e095e"
},
{
"type": "WEB",
"url": "https://github.com/django/django/commit/9f4f63e9ebb7bf6cb9547ee4e2526b9b96703270"
},
{
"type": "WEB",
"url": "https://docs.djangoproject.com/en/dev/releases/security"
},
{
"type": "PACKAGE",
"url": "https://github.com/django/django"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-58.yaml"
},
{
"type": "WEB",
"url": "https://groups.google.com/forum/#%21forum/django-announce"
},
{
"type": "WEB",
"url": "https://www.djangoproject.com/weblog/2024/jul/09/security-releases"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Django Path Traversal vulnerability"
}
pysec-2024-58
Vulnerability from pysec
Published
2024-07-10 05:15
Modified
2024-07-10 11:20
Details
An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the django.core.files.storage.Storage base class, when they override generate_filename() without replicating the file-path validations from the parent class, potentially allow directory traversal via certain inputs during a save() call. (Built-in Storage sub-classes are unaffected.)
Aliases
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "django",
"purl": "pkg:pypi/django"
},
"ranges": [
{
"events": [
{
"introduced": "5.0"
},
{
"fixed": "5.0.7"
},
{
"introduced": "4.2"
},
{
"fixed": "4.2.14"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.2",
"4.2.1",
"4.2.10",
"4.2.11",
"4.2.12",
"4.2.13",
"4.2.2",
"4.2.3",
"4.2.4",
"4.2.5",
"4.2.6",
"4.2.7",
"4.2.8",
"4.2.9",
"5.0",
"5.0.1",
"5.0.2",
"5.0.3",
"5.0.4",
"5.0.5",
"5.0.6"
]
}
],
"aliases": [
"CVE-2024-39330"
],
"details": "An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the django.core.files.storage.Storage base class, when they override generate_filename() without replicating the file-path validations from the parent class, potentially allow directory traversal via certain inputs during a save() call. (Built-in Storage sub-classes are unaffected.)",
"id": "PYSEC-2024-58",
"modified": "2024-07-10T11:20:07.704786+00:00",
"published": "2024-07-10T05:15:00+00:00",
"references": [
{
"type": "WEB",
"url": "https://docs.djangoproject.com/en/dev/releases/security/"
},
{
"type": "WEB",
"url": "https://groups.google.com/forum/#%21forum/django-announce"
},
{
"type": "ARTICLE",
"url": "https://www.djangoproject.com/weblog/2024/jul/09/security-releases/"
}
]
}
Loading...