Action not permitted
Modal body text goes here.
CVE-2024-41991
Vulnerability from cvelistv5
Published
2024-08-07 00:00
Modified
2024-08-12 15:56
Severity ?
EPSS score ?
Summary
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://docs.djangoproject.com/en/dev/releases/security/ | Patch, Vendor Advisory | |
cve@mitre.org | https://groups.google.com/forum/#%21forum/django-announce | Not Applicable | |
cve@mitre.org | https://www.djangoproject.com/weblog/2024/aug/06/security-releases/ | Vendor Advisory |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "django", "vendor": "djangoproject", "versions": [ { "lessThan": "4.2.15", "status": "affected", "version": "4.2", "versionType": "custom" }, { "lessThan": "5.0.8", "status": "affected", "version": "5.0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-41991", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-07T17:57:11.874865Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-130", "description": "CWE-130 Improper Handling of Length Parameter Inconsistency", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-12T15:56:42.887Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-07T14:13:02.341557", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://docs.djangoproject.com/en/dev/releases/security/" }, { "url": "https://groups.google.com/forum/#%21forum/django-announce" }, { "url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2024-41991", "datePublished": "2024-08-07T00:00:00", "dateReserved": "2024-07-25T00:00:00", "dateUpdated": "2024-08-12T15:56:42.887Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2024-41991\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2024-08-07T15:15:56.160\",\"lastModified\":\"2024-08-07T20:48:22.403\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1284\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-130\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.2\",\"versionEndExcluding\":\"4.2.15\",\"matchCriteriaId\":\"7C38224F-C41B-428C-89C2-603BBA95AD3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0\",\"versionEndExcluding\":\"5.0.8\",\"matchCriteriaId\":\"3384B57C-DBF5-4E23-99E7-92B260D53E8E\"}]}]}],\"references\":[{\"url\":\"https://docs.djangoproject.com/en/dev/releases/security/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://groups.google.com/forum/#%21forum/django-announce\",\"source\":\"cve@mitre.org\",\"tags\":[\"Not Applicable\"]},{\"url\":\"https://www.djangoproject.com/weblog/2024/aug/06/security-releases/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]}]}}" } }
rhsa-2024_7987
Vulnerability from csaf_redhat
Published
2024-10-10 20:31
Modified
2024-11-15 21:26
Summary
Red Hat Security Advisory: Satellite 6.15.4 Security Update
Notes
Topic
An update is now available for Red Hat Satellite 6.15 for RHEL 8.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from the
CVE link(s) in the References section.
Details
Red Hat Satellite is a system management solution that allows organizations
to configure and maintain their systems without the necessity to provide
public Internet access to their servers or other client systems. It
performs provisioning and configuration management of predefined standard
operating environments.
Security Fix(es):
* python-gunicorn: HTTP Request Smuggling due to improper validation of Transfer-Encoding headers (CVE-2024-1135)
* golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (CVE-2024-24790)
* python-cryptography: NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override (CVE-2024-26130)
* python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget (CVE-2024-41991)
Users of Red Hat Satellite are advised to upgrade to these updated
packages, which fix these bugs.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat Satellite 6.15 for RHEL 8.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from the\nCVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Satellite is a system management solution that allows organizations\nto configure and maintain their systems without the necessity to provide\npublic Internet access to their servers or other client systems. It\nperforms provisioning and configuration management of predefined standard\noperating environments.\nSecurity Fix(es):\n\n* python-gunicorn: HTTP Request Smuggling due to improper validation of Transfer-Encoding headers (CVE-2024-1135)\n* golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (CVE-2024-24790)\n* python-cryptography: NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override (CVE-2024-26130)\n* python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget (CVE-2024-41991)\n\nUsers of Red Hat Satellite are advised to upgrade to these updated\npackages, which fix these bugs.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:7987", "url": "https://access.redhat.com/errata/RHSA-2024:7987" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.15/html/updating_red_hat_satellite/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.15/html/updating_red_hat_satellite/index" }, { "category": "external", "summary": "2269617", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269617" }, { "category": "external", "summary": "2275280", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275280" }, { "category": "external", "summary": "2292787", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292787" }, { "category": "external", "summary": "2302435", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302435" }, { "category": "external", "summary": "SAT-25848", "url": "https://issues.redhat.com/browse/SAT-25848" }, { "category": "external", "summary": "SAT-27294", "url": "https://issues.redhat.com/browse/SAT-27294" }, { "category": "external", "summary": "SAT-27295", "url": "https://issues.redhat.com/browse/SAT-27295" }, { "category": "external", "summary": "SAT-27296", "url": "https://issues.redhat.com/browse/SAT-27296" }, { "category": "external", "summary": "SAT-27299", "url": "https://issues.redhat.com/browse/SAT-27299" }, { "category": "external", "summary": "SAT-27950", "url": "https://issues.redhat.com/browse/SAT-27950" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7987.json" } ], "title": "Red Hat Security Advisory: Satellite 6.15.4 Security Update", "tracking": { "current_release_date": "2024-11-15T21:26:43+00:00", "generator": { "date": "2024-11-15T21:26:43+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2024:7987", "initial_release_date": "2024-10-10T20:31:33+00:00", "revision_history": [ { "date": "2024-10-10T20:31:33+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-10-10T20:31:33+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T21:26:43+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Satellite 6.15 for RHEL 8", "product": { "name": "Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15", "product_identification_helper": { "cpe": "cpe:/a:redhat:satellite:6.15::el8" } } }, { "category": "product_name", "name": "Red Hat Satellite 6.15 for RHEL 8", "product": { "name": "Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule", "product_identification_helper": { "cpe": "cpe:/a:redhat:satellite_capsule:6.15::el8" } } }, { "category": "product_name", "name": "Red Hat Satellite 6.15 for RHEL 8", "product": { "name": "Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-utils", "product_identification_helper": { "cpe": "cpe:/a:redhat:satellite_utils:6.15::el8" } } } ], "category": "product_family", "name": "Red Hat Satellite 6" }, { "branches": [ { "category": "product_version", "name": "foreman-0:3.9.1.10-1.el8sat.src", "product": { "name": "foreman-0:3.9.1.10-1.el8sat.src", "product_id": "foreman-0:3.9.1.10-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman@3.9.1.10-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "foreman-installer-1:3.9.3.5-1.el8sat.src", "product": { "name": "foreman-installer-1:3.9.3.5-1.el8sat.src", "product_id": "foreman-installer-1:3.9.3.5-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-installer@3.9.3.5-1.el8sat?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "python-cryptography-0:42.0.8-1.el8pc.src", "product": { "name": "python-cryptography-0:42.0.8-1.el8pc.src", "product_id": "python-cryptography-0:42.0.8-1.el8pc.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-cryptography@42.0.8-1.el8pc?arch=src" } } }, { "category": "product_version", "name": "python-django-0:4.2.15-1.el8pc.src", "product": { "name": "python-django-0:4.2.15-1.el8pc.src", "product_id": "python-django-0:4.2.15-1.el8pc.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-django@4.2.15-1.el8pc?arch=src" } } }, { "category": "product_version", "name": "python-gunicorn-0:22.0.0-1.el8pc.src", "product": { "name": "python-gunicorn-0:22.0.0-1.el8pc.src", "product_id": "python-gunicorn-0:22.0.0-1.el8pc.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-gunicorn@22.0.0-1.el8pc?arch=src" } } }, { "category": "product_version", "name": "python-pulp-certguard-0:1.7.2-1.el8pc.src", "product": { "name": "python-pulp-certguard-0:1.7.2-1.el8pc.src", "product_id": "python-pulp-certguard-0:1.7.2-1.el8pc.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-pulp-certguard@1.7.2-1.el8pc?arch=src" } } }, { "category": "product_version", "name": "python-pulpcore-0:3.39.21-1.el8pc.src", "product": { "name": "python-pulpcore-0:3.39.21-1.el8pc.src", "product_id": "python-pulpcore-0:3.39.21-1.el8pc.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-pulpcore@3.39.21-1.el8pc?arch=src" } } }, { "category": "product_version", "name": "python-pyOpenSSL-0:24.1.0-1.el8pc.src", "product": { "name": "python-pyOpenSSL-0:24.1.0-1.el8pc.src", "product_id": "python-pyOpenSSL-0:24.1.0-1.el8pc.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-pyOpenSSL@24.1.0-1.el8pc?arch=src" } } }, { "category": "product_version", "name": "rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src", "product": { "name": "rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src", "product_id": "rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-foreman_rh_cloud@9.0.58-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src", "product": { "name": "rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src", "product_id": "rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-foreman_theme_satellite@13.3.0-0.1.el8sat?arch=src" } } }, { "category": "product_version", "name": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "product": { "name": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "product_id": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-hammer_cli_foreman_tasks@0.0.21-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "rubygem-katello-0:4.11.0.17-1.el8sat.src", "product": { "name": "rubygem-katello-0:4.11.0.17-1.el8sat.src", "product_id": "rubygem-katello-0:4.11.0.17-1.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-katello@4.11.0.17-1.el8sat?arch=src" } } }, { "category": "product_version", "name": "satellite-0:6.15.4-2.el8sat.src", "product": { "name": "satellite-0:6.15.4-2.el8sat.src", "product_id": "satellite-0:6.15.4-2.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite@6.15.4-2.el8sat?arch=src" } } }, { "category": "product_version", "name": "yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src", "product": { "name": "yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src", "product_id": "yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/yggdrasil-worker-forwarder@0.0.3-2.el8sat?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "foreman-0:3.9.1.10-1.el8sat.noarch", "product": { "name": "foreman-0:3.9.1.10-1.el8sat.noarch", "product_id": "foreman-0:3.9.1.10-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman@3.9.1.10-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-cli-0:3.9.1.10-1.el8sat.noarch", "product": { "name": "foreman-cli-0:3.9.1.10-1.el8sat.noarch", "product_id": "foreman-cli-0:3.9.1.10-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-cli@3.9.1.10-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-debug-0:3.9.1.10-1.el8sat.noarch", "product": { "name": "foreman-debug-0:3.9.1.10-1.el8sat.noarch", "product_id": "foreman-debug-0:3.9.1.10-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-debug@3.9.1.10-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "product": { "name": "foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "product_id": "foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.9.1.10-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "product": { "name": "foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "product_id": "foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-ec2@3.9.1.10-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-journald-0:3.9.1.10-1.el8sat.noarch", "product": { "name": "foreman-journald-0:3.9.1.10-1.el8sat.noarch", "product_id": "foreman-journald-0:3.9.1.10-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-journald@3.9.1.10-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "product": { "name": "foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "product_id": "foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-libvirt@3.9.1.10-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "product": { "name": "foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "product_id": "foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-openstack@3.9.1.10-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "product": { "name": "foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "product_id": "foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-ovirt@3.9.1.10-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "product": { "name": "foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "product_id": "foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-pcp@3.9.1.10-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "product": { "name": "foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "product_id": "foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-postgresql@3.9.1.10-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-redis-0:3.9.1.10-1.el8sat.noarch", "product": { "name": "foreman-redis-0:3.9.1.10-1.el8sat.noarch", "product_id": "foreman-redis-0:3.9.1.10-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-redis@3.9.1.10-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-service-0:3.9.1.10-1.el8sat.noarch", "product": { "name": "foreman-service-0:3.9.1.10-1.el8sat.noarch", "product_id": "foreman-service-0:3.9.1.10-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-service@3.9.1.10-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "product": { "name": "foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "product_id": "foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-telemetry@3.9.1.10-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "product": { "name": "foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "product_id": "foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-vmware@3.9.1.10-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "foreman-installer-1:3.9.3.5-1.el8sat.noarch", "product": { "name": "foreman-installer-1:3.9.3.5-1.el8sat.noarch", "product_id": "foreman-installer-1:3.9.3.5-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-installer@3.9.3.5-1.el8sat?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "product": { "name": "foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "product_id": "foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/foreman-installer-katello@3.9.3.5-1.el8sat?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "python3.11-django-0:4.2.15-1.el8pc.noarch", "product": { "name": "python3.11-django-0:4.2.15-1.el8pc.noarch", "product_id": "python3.11-django-0:4.2.15-1.el8pc.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3.11-django@4.2.15-1.el8pc?arch=noarch" } } }, { "category": "product_version", "name": "python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "product": { "name": "python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "product_id": "python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3.11-gunicorn@22.0.0-1.el8pc?arch=noarch" } } }, { "category": "product_version", "name": "python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "product": { "name": "python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "product_id": "python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3.11-pulp-certguard@1.7.2-1.el8pc?arch=noarch" } } }, { "category": "product_version", "name": "python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "product": { "name": "python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "product_id": "python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3.11-pulpcore@3.39.21-1.el8pc?arch=noarch" } } }, { "category": "product_version", "name": "python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "product": { "name": "python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "product_id": "python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3.11-pyOpenSSL@24.1.0-1.el8pc?arch=noarch" } } }, { "category": "product_version", "name": "rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch", "product": { "name": "rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch", "product_id": "rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-foreman_rh_cloud@9.0.58-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch", "product": { "name": "rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch", "product_id": "rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-foreman_theme_satellite@13.3.0-0.1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "product": { "name": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "product_id": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-hammer_cli_foreman_tasks@0.0.21-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "rubygem-katello-0:4.11.0.17-1.el8sat.noarch", "product": { "name": "rubygem-katello-0:4.11.0.17-1.el8sat.noarch", "product_id": "rubygem-katello-0:4.11.0.17-1.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-katello@4.11.0.17-1.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-0:6.15.4-2.el8sat.noarch", "product": { "name": "satellite-0:6.15.4-2.el8sat.noarch", "product_id": "satellite-0:6.15.4-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite@6.15.4-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-cli-0:6.15.4-2.el8sat.noarch", "product": { "name": "satellite-cli-0:6.15.4-2.el8sat.noarch", "product_id": "satellite-cli-0:6.15.4-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-cli@6.15.4-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-common-0:6.15.4-2.el8sat.noarch", "product": { "name": "satellite-common-0:6.15.4-2.el8sat.noarch", "product_id": "satellite-common-0:6.15.4-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-common@6.15.4-2.el8sat?arch=noarch" } } }, { "category": "product_version", "name": "satellite-capsule-0:6.15.4-2.el8sat.noarch", "product": { "name": "satellite-capsule-0:6.15.4-2.el8sat.noarch", "product_id": "satellite-capsule-0:6.15.4-2.el8sat.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/satellite-capsule@6.15.4-2.el8sat?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "product": { "name": "python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "product_id": "python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3.11-cryptography@42.0.8-1.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "product": { "name": "python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "product_id": "python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-cryptography-debugsource@42.0.8-1.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "product": { "name": "python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "product_id": "python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3.11-cryptography-debuginfo@42.0.8-1.el8pc?arch=x86_64" } } }, { "category": "product_version", "name": "yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64", "product": { "name": "yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64", "product_id": "yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/yggdrasil-worker-forwarder@0.0.3-2.el8sat?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.9.1.10-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.src" }, "product_reference": "foreman-0:3.9.1.10-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-cli-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-cli-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-debug-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-debug-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ec2-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.9.3.5-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.noarch" }, "product_reference": "foreman-installer-1:3.9.3.5-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.9.3.5-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.src" }, "product_reference": "foreman-installer-1:3.9.3.5-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch" }, "product_reference": "foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-journald-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-journald-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-libvirt-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-openstack-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ovirt-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-pcp-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-postgresql-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-redis-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-redis-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-service-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-service-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-telemetry-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-vmware-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python-cryptography-0:42.0.8-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src" }, "product_reference": "python-cryptography-0:42.0.8-1.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64" }, "product_reference": "python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python-django-0:4.2.15-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src" }, "product_reference": "python-django-0:4.2.15-1.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python-gunicorn-0:22.0.0-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src" }, "product_reference": "python-gunicorn-0:22.0.0-1.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python-pulp-certguard-0:1.7.2-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:python-pulp-certguard-0:1.7.2-1.el8pc.src" }, "product_reference": "python-pulp-certguard-0:1.7.2-1.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python-pulpcore-0:3.39.21-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:python-pulpcore-0:3.39.21-1.el8pc.src" }, "product_reference": "python-pulpcore-0:3.39.21-1.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python-pyOpenSSL-0:24.1.0-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:python-pyOpenSSL-0:24.1.0-1.el8pc.src" }, "product_reference": "python-pyOpenSSL-0:24.1.0-1.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python3.11-cryptography-0:42.0.8-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64" }, "product_reference": "python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64" }, "product_reference": "python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python3.11-django-0:4.2.15-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch" }, "product_reference": "python3.11-django-0:4.2.15-1.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python3.11-gunicorn-0:22.0.0-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch" }, "product_reference": "python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch" }, "product_reference": "python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python3.11-pulpcore-0:3.39.21-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch" }, "product_reference": "python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch" }, "product_reference": "python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.15.4-2.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.noarch" }, "product_reference": "satellite-0:6.15.4-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.15.4-2.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.src" }, "product_reference": "satellite-0:6.15.4-2.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-capsule-0:6.15.4-2.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.4-2.el8sat.noarch" }, "product_reference": "satellite-capsule-0:6.15.4-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-cli-0:6.15.4-2.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:satellite-cli-0:6.15.4-2.el8sat.noarch" }, "product_reference": "satellite-cli-0:6.15.4-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-common-0:6.15.4-2.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-capsule:satellite-common-0:6.15.4-2.el8sat.noarch" }, "product_reference": "satellite-common-0:6.15.4-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-capsule" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.9.1.10-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.src" }, "product_reference": "foreman-0:3.9.1.10-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.15-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-cli-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-cli-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-debug-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-debug-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ec2-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-journald-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-journald-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-libvirt-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-openstack-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ovirt-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-pcp-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-postgresql-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-redis-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-redis-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-service-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-utils:foreman-service-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-service-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-telemetry-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-vmware-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-utils" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch" }, "product_reference": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-utils" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src" }, "product_reference": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.15-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.15.4-2.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.noarch" }, "product_reference": "satellite-0:6.15.4-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.15.4-2.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.src" }, "product_reference": "satellite-0:6.15.4-2.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.15-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-capsule-0:6.15.4-2.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-utils:satellite-capsule-0:6.15.4-2.el8sat.noarch" }, "product_reference": "satellite-capsule-0:6.15.4-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-cli-0:6.15.4-2.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-utils:satellite-cli-0:6.15.4-2.el8sat.noarch" }, "product_reference": "satellite-cli-0:6.15.4-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-utils" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-common-0:6.15.4-2.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15-utils:satellite-common-0:6.15.4-2.el8sat.noarch" }, "product_reference": "satellite-common-0:6.15.4-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15-utils" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-0:3.9.1.10-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.src" }, "product_reference": "foreman-0:3.9.1.10-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-cli-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:foreman-cli-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-cli-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-debug-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:foreman-debug-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-debug-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ec2-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:foreman-ec2-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.9.3.5-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.noarch" }, "product_reference": "foreman-installer-1:3.9.3.5-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-1:3.9.3.5-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.src" }, "product_reference": "foreman-installer-1:3.9.3.5-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch" }, "product_reference": "foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-journald-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:foreman-journald-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-journald-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-libvirt-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-openstack-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:foreman-openstack-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-ovirt-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-pcp-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:foreman-pcp-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-postgresql-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-redis-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:foreman-redis-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-redis-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-service-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:foreman-service-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-service-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-telemetry-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "foreman-vmware-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:foreman-vmware-0:3.9.1.10-1.el8sat.noarch" }, "product_reference": "foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "python-cryptography-0:42.0.8-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src" }, "product_reference": "python-cryptography-0:42.0.8-1.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64" }, "product_reference": "python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "python-django-0:4.2.15-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src" }, "product_reference": "python-django-0:4.2.15-1.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "python-gunicorn-0:22.0.0-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src" }, "product_reference": "python-gunicorn-0:22.0.0-1.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "python-pulp-certguard-0:1.7.2-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:python-pulp-certguard-0:1.7.2-1.el8pc.src" }, "product_reference": "python-pulp-certguard-0:1.7.2-1.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "python-pulpcore-0:3.39.21-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:python-pulpcore-0:3.39.21-1.el8pc.src" }, "product_reference": "python-pulpcore-0:3.39.21-1.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "python-pyOpenSSL-0:24.1.0-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:python-pyOpenSSL-0:24.1.0-1.el8pc.src" }, "product_reference": "python-pyOpenSSL-0:24.1.0-1.el8pc.src", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "python3.11-cryptography-0:42.0.8-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64" }, "product_reference": "python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64" }, "product_reference": "python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "python3.11-django-0:4.2.15-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch" }, "product_reference": "python3.11-django-0:4.2.15-1.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "python3.11-gunicorn-0:22.0.0-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch" }, "product_reference": "python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch" }, "product_reference": "python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "python3.11-pulpcore-0:3.39.21-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch" }, "product_reference": "python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch" }, "product_reference": "python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch" }, "product_reference": "rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src" }, "product_reference": "rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch" }, "product_reference": "rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src" }, "product_reference": "rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch" }, "product_reference": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src" }, "product_reference": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-katello-0:4.11.0.17-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.noarch" }, "product_reference": "rubygem-katello-0:4.11.0.17-1.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-katello-0:4.11.0.17-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.src" }, "product_reference": "rubygem-katello-0:4.11.0.17-1.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.15.4-2.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.noarch" }, "product_reference": "satellite-0:6.15.4-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-0:6.15.4-2.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.src" }, "product_reference": "satellite-0:6.15.4-2.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-capsule-0:6.15.4-2.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:satellite-capsule-0:6.15.4-2.el8sat.noarch" }, "product_reference": "satellite-capsule-0:6.15.4-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-cli-0:6.15.4-2.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:satellite-cli-0:6.15.4-2.el8sat.noarch" }, "product_reference": "satellite-cli-0:6.15.4-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "satellite-common-0:6.15.4-2.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:satellite-common-0:6.15.4-2.el8sat.noarch" }, "product_reference": "satellite-common-0:6.15.4-2.el8sat.noarch", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src" }, "product_reference": "yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src", "relates_to_product_reference": "8Base-satellite-6.15" }, { "category": "default_component_of", "full_product_name": { "name": "yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8", "product_id": "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64" }, "product_reference": "yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64", "relates_to_product_reference": "8Base-satellite-6.15" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-1135", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2024-04-16T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.src", "8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src", "8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pulp-certguard-0:1.7.2-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pulpcore-0:3.39.21-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pyOpenSSL-0:24.1.0-1.el8pc.src", "8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15-utils:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.src", "8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src", "8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src", "8Base-satellite-6.15:python-pulp-certguard-0:1.7.2-1.el8pc.src", "8Base-satellite-6.15:python-pulpcore-0:3.39.21-1.el8pc.src", "8Base-satellite-6.15:python-pyOpenSSL-0:24.1.0-1.el8pc.src", "8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src", "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch", "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src", "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.src", "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src", "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2275280" } ], "notes": [ { "category": "description", "text": "An HTTP Request Smuggling vulnerability was found in Gunicorn. By crafting requests with conflicting Transfer-Encoding headers, attackers can bypass security restrictions and access restricted endpoints. This issue is due to Gunicorn\u0027s handling of Transfer-Encoding headers, where it incorrectly processes requests with multiple, conflicting Transfer-Encoding headers, treating them as chunked regardless of the final encoding specified. This vulnerability allows for a range of attacks, including cache poisoning, session manipulation, and data exposure.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-gunicorn: HTTP Request Smuggling due to improper validation of Transfer-Encoding headers", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src", "8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src", "8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch" ], "known_not_affected": [ "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.src", "8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src", "8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pulp-certguard-0:1.7.2-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pulpcore-0:3.39.21-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pyOpenSSL-0:24.1.0-1.el8pc.src", "8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15-utils:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.src", "8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src", "8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src", "8Base-satellite-6.15:python-pulp-certguard-0:1.7.2-1.el8pc.src", "8Base-satellite-6.15:python-pulpcore-0:3.39.21-1.el8pc.src", "8Base-satellite-6.15:python-pyOpenSSL-0:24.1.0-1.el8pc.src", "8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src", "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch", "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src", "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.src", "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src", "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-1135" }, { "category": "external", "summary": "RHBZ#2275280", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275280" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-1135", "url": "https://www.cve.org/CVERecord?id=CVE-2024-1135" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-1135", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1135" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-w3h3-4rj7-4ph4", "url": "https://github.com/advisories/GHSA-w3h3-4rj7-4ph4" }, { "category": "external", "summary": "https://github.com/benoitc/gunicorn/commit/ac29c9b0a758d21f1e0fb3b3457239e523fa9f1d", "url": "https://github.com/benoitc/gunicorn/commit/ac29c9b0a758d21f1e0fb3b3457239e523fa9f1d" }, { "category": "external", "summary": "https://huntr.com/bounties/22158e34-cfd5-41ad-97e0-a780773d96c1", "url": "https://huntr.com/bounties/22158e34-cfd5-41ad-97e0-a780773d96c1" } ], "release_date": "2024-04-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-10T20:31:33+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.15/html/updating_red_hat_satellite/index", "product_ids": [ "8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src", "8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src", "8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:7987" }, { "category": "workaround", "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.", "product_ids": [ "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.src", "8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src", "8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src", "8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pulp-certguard-0:1.7.2-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pulpcore-0:3.39.21-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pyOpenSSL-0:24.1.0-1.el8pc.src", "8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15-utils:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.src", "8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src", "8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src", "8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src", "8Base-satellite-6.15:python-pulp-certguard-0:1.7.2-1.el8pc.src", "8Base-satellite-6.15:python-pulpcore-0:3.39.21-1.el8pc.src", "8Base-satellite-6.15:python-pyOpenSSL-0:24.1.0-1.el8pc.src", "8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src", "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch", "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src", "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.src", "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src", "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src", "8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src", "8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "python-gunicorn: HTTP Request Smuggling due to improper validation of Transfer-Encoding headers" }, { "cve": "CVE-2024-24790", "cwe": { "id": "CWE-115", "name": "Misinterpretation of Input" }, "discovery_date": "2024-06-17T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.src", "8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src", "8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src", "8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pulp-certguard-0:1.7.2-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pulpcore-0:3.39.21-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pyOpenSSL-0:24.1.0-1.el8pc.src", "8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15-utils:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.src", "8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src", "8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src", "8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src", "8Base-satellite-6.15:python-pulp-certguard-0:1.7.2-1.el8pc.src", "8Base-satellite-6.15:python-pulpcore-0:3.39.21-1.el8pc.src", "8Base-satellite-6.15:python-pyOpenSSL-0:24.1.0-1.el8pc.src", "8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src", "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch", "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src", "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.src", "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-common-0:6.15.4-2.el8sat.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2292787" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Go language standard library net/netip. The method Is*() (IsPrivate(), IsPublic(), etc) doesn\u0027t behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to control access to resources or data.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses", "title": "Vulnerability summary" }, { "category": "other", "text": "This CVE has been marked as moderate as for our products a network-based attack vector is simply impossible when it comes to golang code,apart from that as per CVE flaw analysis reported by golang, this only affects integrity and confidentiality and has no effect on availability, hence CVSS has been marked as such.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src", "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64" ], "known_not_affected": [ "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.src", "8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src", "8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src", "8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pulp-certguard-0:1.7.2-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pulpcore-0:3.39.21-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pyOpenSSL-0:24.1.0-1.el8pc.src", "8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15-utils:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.src", "8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src", "8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src", "8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src", "8Base-satellite-6.15:python-pulp-certguard-0:1.7.2-1.el8pc.src", "8Base-satellite-6.15:python-pulpcore-0:3.39.21-1.el8pc.src", "8Base-satellite-6.15:python-pyOpenSSL-0:24.1.0-1.el8pc.src", "8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src", "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch", "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src", "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.src", "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-common-0:6.15.4-2.el8sat.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-24790" }, { "category": "external", "summary": "RHBZ#2292787", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292787" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-24790", "url": "https://www.cve.org/CVERecord?id=CVE-2024-24790" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790" } ], "release_date": "2024-06-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-10T20:31:33+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.15/html/updating_red_hat_satellite/index", "product_ids": [ "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src", "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:7987" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.src", "8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src", "8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src", "8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pulp-certguard-0:1.7.2-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pulpcore-0:3.39.21-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pyOpenSSL-0:24.1.0-1.el8pc.src", "8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15-utils:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.src", "8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src", "8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src", "8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src", "8Base-satellite-6.15:python-pulp-certguard-0:1.7.2-1.el8pc.src", "8Base-satellite-6.15:python-pulpcore-0:3.39.21-1.el8pc.src", "8Base-satellite-6.15:python-pyOpenSSL-0:24.1.0-1.el8pc.src", "8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src", "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch", "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src", "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.src", "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src", "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src", "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses" }, { "cve": "CVE-2024-26130", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2024-03-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.src", "8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src", "8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pulp-certguard-0:1.7.2-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pulpcore-0:3.39.21-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pyOpenSSL-0:24.1.0-1.el8pc.src", "8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15-utils:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.src", "8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src", "8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src", "8Base-satellite-6.15:python-pulp-certguard-0:1.7.2-1.el8pc.src", "8Base-satellite-6.15:python-pulpcore-0:3.39.21-1.el8pc.src", "8Base-satellite-6.15:python-pyOpenSSL-0:24.1.0-1.el8pc.src", "8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src", "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.src", "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src", "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2269617" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in python-cryptography. A NULL pointer dereference can be triggered when a PKCS#12 key and certificate do not match. Specifically, if the pkcs12.serialize_key_and_certificates function is called with a non-matching certificate and private key and an encryption algorithm with hmac_hash set, the Python process may crash, leading to a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-cryptography: NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override", "title": "Vulnerability summary" }, { "category": "other", "text": "The vulnerability in python-cryptography that leads to a NULL pointer dereference during the pkcs12.serialize_key_and_certificates function execution is classified as a moderate severity issue. While the vulnerability can result in a denial-of-service (DoS) by crashing the Python process, it requires specific conditions to trigger: a mismatch between the provided certificate\u0027s public key and private key, coupled with the use of an encryption algorithm with hmac_hash set.\n\nThe exploitation of this vulnerability does not directly lead to arbitrary code execution or data leakage. Instead, it causes a controlled termination of the Python process, which, although disruptive, is not as critical as other vulnerabilities that can lead to unauthorized access, data corruption, or code injection. However, it\u0027s important to note that denial-of-service conditions can still have operational impacts, disrupting services or causing system instability.\n\nThis issue does not affect Red Hat Enterprise Linux 6, 7, 8 and 9 as we dont ship the vulnerable code and package version.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src", "8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src", "8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch", "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src" ], "known_not_affected": [ "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.src", "8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src", "8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pulp-certguard-0:1.7.2-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pulpcore-0:3.39.21-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pyOpenSSL-0:24.1.0-1.el8pc.src", "8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15-utils:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.src", "8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src", "8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src", "8Base-satellite-6.15:python-pulp-certguard-0:1.7.2-1.el8pc.src", "8Base-satellite-6.15:python-pulpcore-0:3.39.21-1.el8pc.src", "8Base-satellite-6.15:python-pyOpenSSL-0:24.1.0-1.el8pc.src", "8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src", "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.src", "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src", "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26130" }, { "category": "external", "summary": "RHBZ#2269617", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269617" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26130", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26130" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26130", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26130" } ], "release_date": "2024-02-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-10T20:31:33+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.15/html/updating_red_hat_satellite/index", "product_ids": [ "8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src", "8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src", "8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch", "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:7987" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.src", "8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src", "8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src", "8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pulp-certguard-0:1.7.2-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pulpcore-0:3.39.21-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pyOpenSSL-0:24.1.0-1.el8pc.src", "8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15-utils:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.src", "8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src", "8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src", "8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src", "8Base-satellite-6.15:python-pulp-certguard-0:1.7.2-1.el8pc.src", "8Base-satellite-6.15:python-pulpcore-0:3.39.21-1.el8pc.src", "8Base-satellite-6.15:python-pyOpenSSL-0:24.1.0-1.el8pc.src", "8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src", "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch", "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src", "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.src", "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src", "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src", "8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src", "8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch", "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python-cryptography: NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override" }, { "cve": "CVE-2024-41991", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2024-08-02T02:03:22+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.src", "8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src", "8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pulp-certguard-0:1.7.2-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pulpcore-0:3.39.21-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pyOpenSSL-0:24.1.0-1.el8pc.src", "8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15-utils:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.src", "8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src", "8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src", "8Base-satellite-6.15:python-pulp-certguard-0:1.7.2-1.el8pc.src", "8Base-satellite-6.15:python-pulpcore-0:3.39.21-1.el8pc.src", "8Base-satellite-6.15:python-pyOpenSSL-0:24.1.0-1.el8pc.src", "8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src", "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch", "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src", "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.src", "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src", "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2302435" } ], "notes": [ { "category": "description", "text": "A flaw was found in Django. \u0027urlize\u0027, \u0027urlizetrunc\u0027, and \u0027AdminURLFieldWidget\u0027 may be subject to a denial of service attack via certain inputs with a very large number of Unicode characters.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget", "title": "Vulnerability summary" }, { "category": "other", "text": "The identified vulnerability in Django\u0027s urlize, urlizetrunc template filters, and the AdminURLFieldWidget widget is classified as moderate severity rather than important due to its specific attack vector and impact. While the flaw allows for a potential denial-of-service (DoS) attack via inputs with a large number of Unicode characters, exploiting this vulnerability requires a significant volume of data to be processed by these components, which is a non-trivial task. Additionally, standard mitigation measures such as input validation, rate limiting, and monitoring can effectively reduce the risk.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src", "8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch", "8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src", "8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch" ], "known_not_affected": [ "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.src", "8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src", "8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pulp-certguard-0:1.7.2-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pulpcore-0:3.39.21-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pyOpenSSL-0:24.1.0-1.el8pc.src", "8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15-utils:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.src", "8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src", "8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src", "8Base-satellite-6.15:python-pulp-certguard-0:1.7.2-1.el8pc.src", "8Base-satellite-6.15:python-pulpcore-0:3.39.21-1.el8pc.src", "8Base-satellite-6.15:python-pyOpenSSL-0:24.1.0-1.el8pc.src", "8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src", "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch", "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src", "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.src", "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src", "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-41991" }, { "category": "external", "summary": "RHBZ#2302435", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302435" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-41991", "url": "https://www.cve.org/CVERecord?id=CVE-2024-41991" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41991", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41991" }, { "category": "external", "summary": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/", "url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/" } ], "release_date": "2024-08-06T13:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-10T20:31:33+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.15/html/updating_red_hat_satellite/index", "product_ids": [ "8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src", "8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch", "8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src", "8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:7987" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.src", "8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src", "8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src", "8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pulp-certguard-0:1.7.2-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pulpcore-0:3.39.21-1.el8pc.src", "8Base-satellite-6.15-capsule:python-pyOpenSSL-0:24.1.0-1.el8pc.src", "8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "8Base-satellite-6.15-capsule:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-capsule:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15-utils:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15-utils:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.src", "8Base-satellite-6.15:foreman-cli-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-debug-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-ec2-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.src", "8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch", "8Base-satellite-6.15:foreman-journald-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-openstack-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-pcp-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-redis-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-service-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:foreman-vmware-0:3.9.1.10-1.el8sat.noarch", "8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src", "8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src", "8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src", "8Base-satellite-6.15:python-pulp-certguard-0:1.7.2-1.el8pc.src", "8Base-satellite-6.15:python-pulpcore-0:3.39.21-1.el8pc.src", "8Base-satellite-6.15:python-pyOpenSSL-0:24.1.0-1.el8pc.src", "8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64", "8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch", "8Base-satellite-6.15:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch", "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src", "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch", "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src", "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src", "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.noarch", "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.src", "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.src", "8Base-satellite-6.15:satellite-capsule-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-cli-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:satellite-common-0:6.15.4-2.el8sat.noarch", "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src", "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src", "8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch", "8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src", "8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget" } ] }
rhsa-2024_6428
Vulnerability from csaf_redhat
Published
2024-09-05 14:13
Modified
2024-11-15 21:26
Summary
Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update
Notes
Topic
An update is now available for Red Hat Ansible Automation Platform 2.4
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.
Security Fix(es):
* automation-controller: Django: Potential SQL injection in QuerySet.values() and values_list() (CVE-2024-42005)
* automation-controller: Django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget (CVE-2024-41991)
* automation-controller: Django: Potential denial-of-service vulnerability in django.utils.html.urlize() (CVE-2024-41990)
* automation-controller: python-jose: algorithm confusion with OpenSSH ECDSA keys and other key formats (CVE-2024-33663)
* automation-controller: python-social-auth: Improper Handling of Case Sensitivity in social-auth-app-django (CVE-2024-32879)
* automation-controller: Gain access to the k8s API server via job execution with Container Group (CVE-2024-6840)
* python3/python39-django: Potential SQL injection in QuerySet.values() and values_list() (CVE-2024-42005)
* python3/python39-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget (CVE-2024-41991)
* python3/python39-django: Potential denial-of-service vulnerability in django.utils.html.urlize() (CVE-2024-41990)
* python3/python39-django: Memory exhaustion in django.utils.numberformat.floatformat() (CVE-2024-41989)
* python3/python39-django: Potential denial-of-service in django.utils.translation.get_supported_language_variant() (CVE-2024-39614)
* python3/python39-django: Potential directory-traversal in django.core.files.storage.Storage.save() (CVE-2024-39330)
* python3/python39-django: Username enumeration through timing difference for users with unusable passwords (CVE-2024-39329)
* python3/python39-django: Potential denial-of-service in django.utils.html.urlize() (CVE-2024-38875)
* python3/python39-grpcio: client communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend (CVE-2024-7246)
* python3/python39-zipp: Denial of Service (infinite loop) via crafted zip file (CVE-2024-5569)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updates and fixes for automation controller:
* Updated the receptor to not automatically release the receptor work unit when "RECEPTOR_KEEP_WORK_ON_ERROR" is set to true (AAP-27635)
* Updated the Help link in the REST API to point to the latest API Reference documentation (AAP-27573)
* Fixed a timeout error in the UI when trying to load the Activity Stream (AAP-26772)
* automation-controller has been updated to 4.5.10
Updates and fixes for automation hub:
* API browser now correctly escapes JSON values (AAH-3272, AAP-14463)
* python3/python39-pulpcore has been updated to 3.28.31
* python3/python39-pulp-ansible has been updated to 0.20.8
Additional fixes:
* Gunicorn python package will no longer obsolete itself when checking for or applying updates (AAP-28364)
* python3/python39-django has been updated to 4.2.15
* python3/python39-grpcio has been updated to 1.58.3
* python3/python39-jmespath has been updated to 0.10.0-5
* python3/python39-zipp has been updated to 3.19.2
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat Ansible Automation Platform 2.4\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.\n\nSecurity Fix(es):\n\n* automation-controller: Django: Potential SQL injection in QuerySet.values() and values_list() (CVE-2024-42005)\n* automation-controller: Django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget (CVE-2024-41991)\n* automation-controller: Django: Potential denial-of-service vulnerability in django.utils.html.urlize() (CVE-2024-41990)\n* automation-controller: python-jose: algorithm confusion with OpenSSH ECDSA keys and other key formats (CVE-2024-33663)\n* automation-controller: python-social-auth: Improper Handling of Case Sensitivity in social-auth-app-django (CVE-2024-32879)\n* automation-controller: Gain access to the k8s API server via job execution with Container Group (CVE-2024-6840)\n* python3/python39-django: Potential SQL injection in QuerySet.values() and values_list() (CVE-2024-42005)\n* python3/python39-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget (CVE-2024-41991)\n* python3/python39-django: Potential denial-of-service vulnerability in django.utils.html.urlize() (CVE-2024-41990)\n* python3/python39-django: Memory exhaustion in django.utils.numberformat.floatformat() (CVE-2024-41989)\n* python3/python39-django: Potential denial-of-service in django.utils.translation.get_supported_language_variant() (CVE-2024-39614)\n* python3/python39-django: Potential directory-traversal in django.core.files.storage.Storage.save() (CVE-2024-39330)\n* python3/python39-django: Username enumeration through timing difference for users with unusable passwords (CVE-2024-39329)\n* python3/python39-django: Potential denial-of-service in django.utils.html.urlize() (CVE-2024-38875)\n* python3/python39-grpcio: client communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend (CVE-2024-7246)\n* python3/python39-zipp: Denial of Service (infinite loop) via crafted zip file (CVE-2024-5569)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nUpdates and fixes for automation controller:\n* Updated the receptor to not automatically release the receptor work unit when \"RECEPTOR_KEEP_WORK_ON_ERROR\" is set to true (AAP-27635)\n* Updated the Help link in the REST API to point to the latest API Reference documentation (AAP-27573)\n* Fixed a timeout error in the UI when trying to load the Activity Stream (AAP-26772)\n* automation-controller has been updated to 4.5.10\n\nUpdates and fixes for automation hub:\n* API browser now correctly escapes JSON values (AAH-3272, AAP-14463)\n* python3/python39-pulpcore has been updated to 3.28.31\n* python3/python39-pulp-ansible has been updated to 0.20.8\n\nAdditional fixes:\n* Gunicorn python package will no longer obsolete itself when checking for or applying updates (AAP-28364)\n* python3/python39-django has been updated to 4.2.15\n* python3/python39-grpcio has been updated to 1.58.3\n* python3/python39-jmespath has been updated to 0.10.0-5\n* python3/python39-zipp has been updated to 3.19.2", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:6428", "url": "https://access.redhat.com/errata/RHSA-2024:6428" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2277035", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277035" }, { "category": "external", "summary": "2277297", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277297" }, { "category": "external", "summary": "2295935", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295935" }, { "category": "external", "summary": "2295936", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295936" }, { "category": "external", "summary": "2295937", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295937" }, { "category": "external", "summary": "2295938", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295938" }, { "category": "external", "summary": "2296413", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296413" }, { "category": "external", "summary": "2298492", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298492" }, { "category": "external", "summary": "2302433", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302433" }, { "category": "external", "summary": "2302434", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302434" }, { "category": "external", "summary": "2302435", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302435" }, { "category": "external", "summary": "2302436", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302436" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_6428.json" } ], "title": "Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update", "tracking": { "current_release_date": "2024-11-15T21:26:32+00:00", "generator": { "date": "2024-11-15T21:26:32+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2024:6428", "initial_release_date": "2024-09-05T14:13:20+00:00", "revision_history": [ { "date": "2024-09-05T14:13:20+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-09-05T14:13:20+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T21:26:32+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product": { "name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:ansible_automation_platform:2.4::el9" } } }, { "category": "product_name", "name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product": { "name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2", "product_identification_helper": { "cpe": "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9" } } }, { "category": "product_name", "name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product": { "name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1", "product_identification_helper": { "cpe": "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9" } } }, { "category": "product_name", "name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product": { "name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:ansible_automation_platform:2.4::el8" } } }, { "category": "product_name", "name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product": { "name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2", "product_identification_helper": { "cpe": "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8" } } }, { "category": "product_name", "name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product": { "name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1", "product_identification_helper": { "cpe": "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8" } } } ], "category": "product_family", "name": "Red Hat Ansible Automation Platform" }, { "branches": [ { "category": "product_version", "name": "python-pulpcore-0:3.28.31-1.el9ap.src", "product": { "name": "python-pulpcore-0:3.28.31-1.el9ap.src", "product_id": "python-pulpcore-0:3.28.31-1.el9ap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-pulpcore@3.28.31-1.el9ap?arch=src" } } }, { "category": "product_version", "name": "python-pulp-ansible-1:0.20.8-1.el9ap.src", "product": { "name": "python-pulp-ansible-1:0.20.8-1.el9ap.src", "product_id": "python-pulp-ansible-1:0.20.8-1.el9ap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-pulp-ansible@0.20.8-1.el9ap?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "python-gunicorn-0:22.0.0-2.el9ap.src", "product": { "name": "python-gunicorn-0:22.0.0-2.el9ap.src", "product_id": "python-gunicorn-0:22.0.0-2.el9ap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-gunicorn@22.0.0-2.el9ap?arch=src" } } }, { "category": "product_version", "name": "python-django-0:4.2.15-1.el9ap.src", "product": { "name": "python-django-0:4.2.15-1.el9ap.src", "product_id": "python-django-0:4.2.15-1.el9ap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-django@4.2.15-1.el9ap?arch=src" } } }, { "category": "product_version", "name": "python-zipp-0:3.19.2-1.el9ap.src", "product": { "name": "python-zipp-0:3.19.2-1.el9ap.src", "product_id": "python-zipp-0:3.19.2-1.el9ap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-zipp@3.19.2-1.el9ap?arch=src" } } }, { "category": "product_version", "name": "python-grpcio-0:1.58.3-1.el9ap.src", "product": { "name": "python-grpcio-0:1.58.3-1.el9ap.src", "product_id": "python-grpcio-0:1.58.3-1.el9ap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-grpcio@1.58.3-1.el9ap?arch=src" } } }, { "category": "product_version", "name": "automation-controller-0:4.5.10-1.el9ap.src", "product": { "name": "automation-controller-0:4.5.10-1.el9ap.src", "product_id": "automation-controller-0:4.5.10-1.el9ap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el9ap?arch=src" } } }, { "category": "product_version", "name": "python-jmespath-0:0.10.0-5.el9ap.src", "product": { "name": "python-jmespath-0:0.10.0-5.el9ap.src", "product_id": "python-jmespath-0:0.10.0-5.el9ap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-jmespath@0.10.0-5.el9ap?arch=src" } } }, { "category": "product_version", "name": "python3x-pulpcore-0:3.28.31-1.el8ap.src", "product": { "name": "python3x-pulpcore-0:3.28.31-1.el8ap.src", "product_id": "python3x-pulpcore-0:3.28.31-1.el8ap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3x-pulpcore@3.28.31-1.el8ap?arch=src" } } }, { "category": "product_version", "name": "python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "product": { "name": "python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "product_id": "python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3x-pulp-ansible@0.20.8-1.el8ap?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "python3x-gunicorn-0:22.0.0-2.el8ap.src", "product": { "name": "python3x-gunicorn-0:22.0.0-2.el8ap.src", "product_id": "python3x-gunicorn-0:22.0.0-2.el8ap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3x-gunicorn@22.0.0-2.el8ap?arch=src" } } }, { "category": "product_version", "name": "python3x-django-0:4.2.15-1.el8ap.src", "product": { "name": "python3x-django-0:4.2.15-1.el8ap.src", "product_id": "python3x-django-0:4.2.15-1.el8ap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3x-django@4.2.15-1.el8ap?arch=src" } } }, { "category": "product_version", "name": "python3x-grpcio-0:1.58.3-1.el8ap.src", "product": { "name": "python3x-grpcio-0:1.58.3-1.el8ap.src", "product_id": "python3x-grpcio-0:1.58.3-1.el8ap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3x-grpcio@1.58.3-1.el8ap?arch=src" } } }, { "category": "product_version", "name": "automation-controller-0:4.5.10-1.el8ap.src", "product": { "name": "automation-controller-0:4.5.10-1.el8ap.src", "product_id": "automation-controller-0:4.5.10-1.el8ap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el8ap?arch=src" } } }, { "category": "product_version", "name": "python3x-jmespath-0:0.10.0-5.el8ap.src", "product": { "name": "python3x-jmespath-0:0.10.0-5.el8ap.src", "product_id": "python3x-jmespath-0:0.10.0-5.el8ap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3x-jmespath@0.10.0-5.el8ap?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "python3-pulpcore-0:3.28.31-1.el9ap.noarch", "product": { "name": "python3-pulpcore-0:3.28.31-1.el9ap.noarch", "product_id": "python3-pulpcore-0:3.28.31-1.el9ap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-pulpcore@3.28.31-1.el9ap?arch=noarch" } } }, { "category": "product_version", "name": "python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "product": { "name": "python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "product_id": "python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-pulp-ansible@0.20.8-1.el9ap?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "python3-gunicorn-0:22.0.0-2.el9ap.noarch", "product": { "name": "python3-gunicorn-0:22.0.0-2.el9ap.noarch", "product_id": "python3-gunicorn-0:22.0.0-2.el9ap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-gunicorn@22.0.0-2.el9ap?arch=noarch" } } }, { "category": "product_version", "name": "python3-django-0:4.2.15-1.el9ap.noarch", "product": { "name": "python3-django-0:4.2.15-1.el9ap.noarch", "product_id": "python3-django-0:4.2.15-1.el9ap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-django@4.2.15-1.el9ap?arch=noarch" } } }, { "category": "product_version", "name": "python3-zipp-0:3.19.2-1.el9ap.noarch", "product": { "name": "python3-zipp-0:3.19.2-1.el9ap.noarch", "product_id": "python3-zipp-0:3.19.2-1.el9ap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-zipp@3.19.2-1.el9ap?arch=noarch" } } }, { "category": "product_version", "name": "automation-controller-cli-0:4.5.10-1.el9ap.noarch", "product": { "name": "automation-controller-cli-0:4.5.10-1.el9ap.noarch", "product_id": "automation-controller-cli-0:4.5.10-1.el9ap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/automation-controller-cli@4.5.10-1.el9ap?arch=noarch" } } }, { "category": "product_version", "name": "automation-controller-server-0:4.5.10-1.el9ap.noarch", "product": { "name": "automation-controller-server-0:4.5.10-1.el9ap.noarch", "product_id": "automation-controller-server-0:4.5.10-1.el9ap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/automation-controller-server@4.5.10-1.el9ap?arch=noarch" } } }, { "category": "product_version", "name": "automation-controller-ui-0:4.5.10-1.el9ap.noarch", "product": { "name": "automation-controller-ui-0:4.5.10-1.el9ap.noarch", "product_id": "automation-controller-ui-0:4.5.10-1.el9ap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/automation-controller-ui@4.5.10-1.el9ap?arch=noarch" } } }, { "category": "product_version", "name": "python3-jmespath-0:0.10.0-5.el9ap.noarch", "product": { "name": "python3-jmespath-0:0.10.0-5.el9ap.noarch", "product_id": "python3-jmespath-0:0.10.0-5.el9ap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-jmespath@0.10.0-5.el9ap?arch=noarch" } } }, { "category": "product_version", "name": "python39-pulpcore-0:3.28.31-1.el8ap.noarch", "product": { "name": "python39-pulpcore-0:3.28.31-1.el8ap.noarch", "product_id": "python39-pulpcore-0:3.28.31-1.el8ap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-pulpcore@3.28.31-1.el8ap?arch=noarch" } } }, { "category": "product_version", "name": "python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "product": { "name": "python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "product_id": "python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-pulp-ansible@0.20.8-1.el8ap?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "python39-gunicorn-0:22.0.0-2.el8ap.noarch", "product": { "name": "python39-gunicorn-0:22.0.0-2.el8ap.noarch", "product_id": "python39-gunicorn-0:22.0.0-2.el8ap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-gunicorn@22.0.0-2.el8ap?arch=noarch" } } }, { "category": "product_version", "name": "python39-django-0:4.2.15-1.el8ap.noarch", "product": { "name": "python39-django-0:4.2.15-1.el8ap.noarch", "product_id": "python39-django-0:4.2.15-1.el8ap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-django@4.2.15-1.el8ap?arch=noarch" } } }, { "category": "product_version", "name": "python39-zipp-0:3.19.2-1.el8ap.noarch", "product": { "name": "python39-zipp-0:3.19.2-1.el8ap.noarch", "product_id": "python39-zipp-0:3.19.2-1.el8ap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-zipp@3.19.2-1.el8ap?arch=noarch" } } }, { "category": "product_version", "name": "automation-controller-cli-0:4.5.10-1.el8ap.noarch", "product": { "name": "automation-controller-cli-0:4.5.10-1.el8ap.noarch", "product_id": "automation-controller-cli-0:4.5.10-1.el8ap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/automation-controller-cli@4.5.10-1.el8ap?arch=noarch" } } }, { "category": "product_version", "name": "automation-controller-server-0:4.5.10-1.el8ap.noarch", "product": { "name": "automation-controller-server-0:4.5.10-1.el8ap.noarch", "product_id": "automation-controller-server-0:4.5.10-1.el8ap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/automation-controller-server@4.5.10-1.el8ap?arch=noarch" } } }, { "category": "product_version", "name": "automation-controller-ui-0:4.5.10-1.el8ap.noarch", "product": { "name": "automation-controller-ui-0:4.5.10-1.el8ap.noarch", "product_id": "automation-controller-ui-0:4.5.10-1.el8ap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/automation-controller-ui@4.5.10-1.el8ap?arch=noarch" } } }, { "category": "product_version", "name": "python39-jmespath-0:0.10.0-5.el8ap.noarch", "product": { "name": "python39-jmespath-0:0.10.0-5.el8ap.noarch", "product_id": "python39-jmespath-0:0.10.0-5.el8ap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-jmespath@0.10.0-5.el8ap?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "python3-grpcio-0:1.58.3-1.el9ap.x86_64", "product": { "name": "python3-grpcio-0:1.58.3-1.el9ap.x86_64", "product_id": "python3-grpcio-0:1.58.3-1.el9ap.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-grpcio@1.58.3-1.el9ap?arch=x86_64" } } }, { "category": "product_version", "name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "product": { "name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "product_id": "python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-grpcio-debugsource@1.58.3-1.el9ap?arch=x86_64" } } }, { "category": "product_version", "name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "product": { "name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "product_id": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-grpcio-debuginfo@1.58.3-1.el9ap?arch=x86_64" } } }, { "category": "product_version", "name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "product": { "name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "product_id": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-grpcio-tools-debuginfo@1.58.3-1.el9ap?arch=x86_64" } } }, { "category": "product_version", "name": "automation-controller-0:4.5.10-1.el9ap.x86_64", "product": { "name": "automation-controller-0:4.5.10-1.el9ap.x86_64", "product_id": "automation-controller-0:4.5.10-1.el9ap.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el9ap?arch=x86_64" } } }, { "category": "product_version", "name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "product": { "name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "product_id": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el9ap?arch=x86_64" } } }, { "category": "product_version", "name": "python39-grpcio-0:1.58.3-1.el8ap.x86_64", "product": { "name": "python39-grpcio-0:1.58.3-1.el8ap.x86_64", "product_id": "python39-grpcio-0:1.58.3-1.el8ap.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-grpcio@1.58.3-1.el8ap?arch=x86_64" } } }, { "category": "product_version", "name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "product": { "name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "product_id": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3x-grpcio-debugsource@1.58.3-1.el8ap?arch=x86_64" } } }, { "category": "product_version", "name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "product": { "name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "product_id": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-grpcio-debuginfo@1.58.3-1.el8ap?arch=x86_64" } } }, { "category": "product_version", "name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "product": { "name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "product_id": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-grpcio-tools-debuginfo@1.58.3-1.el8ap?arch=x86_64" } } }, { "category": "product_version", "name": "automation-controller-0:4.5.10-1.el8ap.x86_64", "product": { "name": "automation-controller-0:4.5.10-1.el8ap.x86_64", "product_id": "automation-controller-0:4.5.10-1.el8ap.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el8ap?arch=x86_64" } } }, { "category": "product_version", "name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "product": { "name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "product_id": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el8ap?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "product": { "name": "python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "product_id": "python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-grpcio@1.58.3-1.el9ap?arch=ppc64le" } } }, { "category": "product_version", "name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "product": { "name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "product_id": "python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-grpcio-debugsource@1.58.3-1.el9ap?arch=ppc64le" } } }, { "category": "product_version", "name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "product": { "name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "product_id": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-grpcio-debuginfo@1.58.3-1.el9ap?arch=ppc64le" } } }, { "category": "product_version", "name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "product": { "name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "product_id": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-grpcio-tools-debuginfo@1.58.3-1.el9ap?arch=ppc64le" } } }, { "category": "product_version", "name": "automation-controller-0:4.5.10-1.el9ap.ppc64le", "product": { "name": "automation-controller-0:4.5.10-1.el9ap.ppc64le", "product_id": "automation-controller-0:4.5.10-1.el9ap.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el9ap?arch=ppc64le" } } }, { "category": "product_version", "name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "product": { "name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "product_id": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el9ap?arch=ppc64le" } } }, { "category": "product_version", "name": "python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "product": { "name": "python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "product_id": "python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-grpcio@1.58.3-1.el8ap?arch=ppc64le" } } }, { "category": "product_version", "name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "product": { "name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "product_id": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3x-grpcio-debugsource@1.58.3-1.el8ap?arch=ppc64le" } } }, { "category": "product_version", "name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "product": { "name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "product_id": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-grpcio-debuginfo@1.58.3-1.el8ap?arch=ppc64le" } } }, { "category": "product_version", "name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "product": { "name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "product_id": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-grpcio-tools-debuginfo@1.58.3-1.el8ap?arch=ppc64le" } } }, { "category": "product_version", "name": "automation-controller-0:4.5.10-1.el8ap.ppc64le", "product": { "name": "automation-controller-0:4.5.10-1.el8ap.ppc64le", "product_id": "automation-controller-0:4.5.10-1.el8ap.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el8ap?arch=ppc64le" } } }, { "category": "product_version", "name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "product": { "name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "product_id": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el8ap?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "python3-grpcio-0:1.58.3-1.el9ap.s390x", "product": { "name": "python3-grpcio-0:1.58.3-1.el9ap.s390x", "product_id": "python3-grpcio-0:1.58.3-1.el9ap.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-grpcio@1.58.3-1.el9ap?arch=s390x" } } }, { "category": "product_version", "name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "product": { "name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "product_id": "python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-grpcio-debugsource@1.58.3-1.el9ap?arch=s390x" } } }, { "category": "product_version", "name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "product": { "name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "product_id": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-grpcio-debuginfo@1.58.3-1.el9ap?arch=s390x" } } }, { "category": "product_version", "name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "product": { "name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "product_id": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-grpcio-tools-debuginfo@1.58.3-1.el9ap?arch=s390x" } } }, { "category": "product_version", "name": "automation-controller-0:4.5.10-1.el9ap.s390x", "product": { "name": "automation-controller-0:4.5.10-1.el9ap.s390x", "product_id": "automation-controller-0:4.5.10-1.el9ap.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el9ap?arch=s390x" } } }, { "category": "product_version", "name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "product": { "name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "product_id": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el9ap?arch=s390x" } } }, { "category": "product_version", "name": "python39-grpcio-0:1.58.3-1.el8ap.s390x", "product": { "name": "python39-grpcio-0:1.58.3-1.el8ap.s390x", "product_id": "python39-grpcio-0:1.58.3-1.el8ap.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-grpcio@1.58.3-1.el8ap?arch=s390x" } } }, { "category": "product_version", "name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "product": { "name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "product_id": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3x-grpcio-debugsource@1.58.3-1.el8ap?arch=s390x" } } }, { "category": "product_version", "name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "product": { "name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "product_id": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-grpcio-debuginfo@1.58.3-1.el8ap?arch=s390x" } } }, { "category": "product_version", "name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "product": { "name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "product_id": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-grpcio-tools-debuginfo@1.58.3-1.el8ap?arch=s390x" } } }, { "category": "product_version", "name": "automation-controller-0:4.5.10-1.el8ap.s390x", "product": { "name": "automation-controller-0:4.5.10-1.el8ap.s390x", "product_id": "automation-controller-0:4.5.10-1.el8ap.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el8ap?arch=s390x" } } }, { "category": "product_version", "name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "product": { "name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "product_id": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el8ap?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "python3-grpcio-0:1.58.3-1.el9ap.aarch64", "product": { "name": "python3-grpcio-0:1.58.3-1.el9ap.aarch64", "product_id": "python3-grpcio-0:1.58.3-1.el9ap.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-grpcio@1.58.3-1.el9ap?arch=aarch64" } } }, { "category": "product_version", "name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "product": { "name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "product_id": "python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-grpcio-debugsource@1.58.3-1.el9ap?arch=aarch64" } } }, { "category": "product_version", "name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "product": { "name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "product_id": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-grpcio-debuginfo@1.58.3-1.el9ap?arch=aarch64" } } }, { "category": "product_version", "name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "product": { "name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "product_id": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-grpcio-tools-debuginfo@1.58.3-1.el9ap?arch=aarch64" } } }, { "category": "product_version", "name": "automation-controller-0:4.5.10-1.el9ap.aarch64", "product": { "name": "automation-controller-0:4.5.10-1.el9ap.aarch64", "product_id": "automation-controller-0:4.5.10-1.el9ap.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el9ap?arch=aarch64" } } }, { "category": "product_version", "name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "product": { "name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "product_id": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el9ap?arch=aarch64" } } }, { "category": "product_version", "name": "python39-grpcio-0:1.58.3-1.el8ap.aarch64", "product": { "name": "python39-grpcio-0:1.58.3-1.el8ap.aarch64", "product_id": "python39-grpcio-0:1.58.3-1.el8ap.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-grpcio@1.58.3-1.el8ap?arch=aarch64" } } }, { "category": "product_version", "name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "product": { "name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "product_id": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3x-grpcio-debugsource@1.58.3-1.el8ap?arch=aarch64" } } }, { "category": "product_version", "name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "product": { "name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "product_id": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-grpcio-debuginfo@1.58.3-1.el8ap?arch=aarch64" } } }, { "category": "product_version", "name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "product": { "name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "product_id": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python39-grpcio-tools-debuginfo@1.58.3-1.el8ap?arch=aarch64" } } }, { "category": "product_version", "name": "automation-controller-0:4.5.10-1.el8ap.aarch64", "product": { "name": "automation-controller-0:4.5.10-1.el8ap.aarch64", "product_id": "automation-controller-0:4.5.10-1.el8ap.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el8ap?arch=aarch64" } } }, { "category": "product_version", "name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "product": { "name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "product_id": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el8ap?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "automation-controller-0:4.5.10-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64" }, "product_reference": "automation-controller-0:4.5.10-1.el8ap.aarch64", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-0:4.5.10-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le" }, "product_reference": "automation-controller-0:4.5.10-1.el8ap.ppc64le", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-0:4.5.10-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x" }, "product_reference": "automation-controller-0:4.5.10-1.el8ap.s390x", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-0:4.5.10-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src" }, "product_reference": "automation-controller-0:4.5.10-1.el8ap.src", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-0:4.5.10-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64" }, "product_reference": "automation-controller-0:4.5.10-1.el8ap.x86_64", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-cli-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch" }, "product_reference": "automation-controller-cli-0:4.5.10-1.el8ap.noarch", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-server-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch" }, "product_reference": "automation-controller-server-0:4.5.10-1.el8ap.noarch", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-ui-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch" }, "product_reference": "automation-controller-ui-0:4.5.10-1.el8ap.noarch", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64" }, "product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le" }, "product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x" }, "product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64" }, "product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "python39-zipp-0:3.19.2-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch" }, "product_reference": "python39-zipp-0:3.19.2-1.el8ap.noarch", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "python39-zipp-0:3.19.2-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch" }, "product_reference": "python39-zipp-0:3.19.2-1.el8ap.noarch", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-0:4.5.10-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64" }, "product_reference": "automation-controller-0:4.5.10-1.el8ap.aarch64", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-0:4.5.10-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le" }, "product_reference": "automation-controller-0:4.5.10-1.el8ap.ppc64le", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-0:4.5.10-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x" }, "product_reference": "automation-controller-0:4.5.10-1.el8ap.s390x", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-0:4.5.10-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src" }, "product_reference": "automation-controller-0:4.5.10-1.el8ap.src", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-0:4.5.10-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64" }, "product_reference": "automation-controller-0:4.5.10-1.el8ap.x86_64", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-cli-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch" }, "product_reference": "automation-controller-cli-0:4.5.10-1.el8ap.noarch", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-server-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch" }, "product_reference": "automation-controller-server-0:4.5.10-1.el8ap.noarch", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-ui-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch" }, "product_reference": "automation-controller-ui-0:4.5.10-1.el8ap.noarch", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64" }, "product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le" }, "product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x" }, "product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64" }, "product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python39-django-0:4.2.15-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch" }, "product_reference": "python39-django-0:4.2.15-1.el8ap.noarch", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python39-grpcio-0:1.58.3-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64" }, "product_reference": "python39-grpcio-0:1.58.3-1.el8ap.aarch64", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python39-grpcio-0:1.58.3-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le" }, "product_reference": "python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python39-grpcio-0:1.58.3-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x" }, "product_reference": "python39-grpcio-0:1.58.3-1.el8ap.s390x", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python39-grpcio-0:1.58.3-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64" }, "product_reference": "python39-grpcio-0:1.58.3-1.el8ap.x86_64", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64" }, "product_reference": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le" }, "product_reference": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x" }, "product_reference": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64" }, "product_reference": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64" }, "product_reference": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le" }, "product_reference": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x" }, "product_reference": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64" }, "product_reference": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python39-gunicorn-0:22.0.0-2.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch" }, "product_reference": "python39-gunicorn-0:22.0.0-2.el8ap.noarch", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python39-jmespath-0:0.10.0-5.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch" }, "product_reference": "python39-jmespath-0:0.10.0-5.el8ap.noarch", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python39-pulp-ansible-1:0.20.8-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch" }, "product_reference": "python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python39-pulpcore-0:3.28.31-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch" }, "product_reference": "python39-pulpcore-0:3.28.31-1.el8ap.noarch", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python39-zipp-0:3.19.2-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch" }, "product_reference": "python39-zipp-0:3.19.2-1.el8ap.noarch", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3x-django-0:4.2.15-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src" }, "product_reference": "python3x-django-0:4.2.15-1.el8ap.src", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3x-grpcio-0:1.58.3-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src" }, "product_reference": "python3x-grpcio-0:1.58.3-1.el8ap.src", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64" }, "product_reference": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le" }, "product_reference": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x" }, "product_reference": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64" }, "product_reference": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3x-gunicorn-0:22.0.0-2.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src" }, "product_reference": "python3x-gunicorn-0:22.0.0-2.el8ap.src", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3x-jmespath-0:0.10.0-5.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src" }, "product_reference": "python3x-jmespath-0:0.10.0-5.el8ap.src", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3x-pulp-ansible-1:0.20.8-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src" }, "product_reference": "python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3x-pulpcore-0:3.28.31-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8", "product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src" }, "product_reference": "python3x-pulpcore-0:3.28.31-1.el8ap.src", "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-0:4.5.10-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64" }, "product_reference": "automation-controller-0:4.5.10-1.el9ap.aarch64", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-0:4.5.10-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le" }, "product_reference": "automation-controller-0:4.5.10-1.el9ap.ppc64le", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-0:4.5.10-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x" }, "product_reference": "automation-controller-0:4.5.10-1.el9ap.s390x", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-0:4.5.10-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src" }, "product_reference": "automation-controller-0:4.5.10-1.el9ap.src", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-0:4.5.10-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64" }, "product_reference": "automation-controller-0:4.5.10-1.el9ap.x86_64", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-cli-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch" }, "product_reference": "automation-controller-cli-0:4.5.10-1.el9ap.noarch", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-server-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch" }, "product_reference": "automation-controller-server-0:4.5.10-1.el9ap.noarch", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-ui-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch" }, "product_reference": "automation-controller-ui-0:4.5.10-1.el9ap.noarch", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64" }, "product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le" }, "product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x" }, "product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64" }, "product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "python-zipp-0:3.19.2-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src" }, "product_reference": "python-zipp-0:3.19.2-1.el9ap.src", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "python3-zipp-0:3.19.2-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch" }, "product_reference": "python3-zipp-0:3.19.2-1.el9ap.noarch", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1" }, { "category": "default_component_of", "full_product_name": { "name": "python-zipp-0:3.19.2-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src" }, "product_reference": "python-zipp-0:3.19.2-1.el9ap.src", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2" }, { "category": "default_component_of", "full_product_name": { "name": "python3-zipp-0:3.19.2-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch" }, "product_reference": "python3-zipp-0:3.19.2-1.el9ap.noarch", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-0:4.5.10-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64" }, "product_reference": "automation-controller-0:4.5.10-1.el9ap.aarch64", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-0:4.5.10-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le" }, "product_reference": "automation-controller-0:4.5.10-1.el9ap.ppc64le", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-0:4.5.10-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x" }, "product_reference": "automation-controller-0:4.5.10-1.el9ap.s390x", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-0:4.5.10-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src" }, "product_reference": "automation-controller-0:4.5.10-1.el9ap.src", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-0:4.5.10-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64" }, "product_reference": "automation-controller-0:4.5.10-1.el9ap.x86_64", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-cli-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch" }, "product_reference": "automation-controller-cli-0:4.5.10-1.el9ap.noarch", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-server-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch" }, "product_reference": "automation-controller-server-0:4.5.10-1.el9ap.noarch", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-ui-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch" }, "product_reference": "automation-controller-ui-0:4.5.10-1.el9ap.noarch", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64" }, "product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le" }, "product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x" }, "product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64" }, "product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python-django-0:4.2.15-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src" }, "product_reference": "python-django-0:4.2.15-1.el9ap.src", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python-grpcio-0:1.58.3-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src" }, "product_reference": "python-grpcio-0:1.58.3-1.el9ap.src", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64" }, "product_reference": "python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le" }, "product_reference": "python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x" }, "product_reference": "python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64" }, "product_reference": "python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python-gunicorn-0:22.0.0-2.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src" }, "product_reference": "python-gunicorn-0:22.0.0-2.el9ap.src", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python-jmespath-0:0.10.0-5.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src" }, "product_reference": "python-jmespath-0:0.10.0-5.el9ap.src", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python-pulp-ansible-1:0.20.8-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src" }, "product_reference": "python-pulp-ansible-1:0.20.8-1.el9ap.src", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python-pulpcore-0:3.28.31-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src" }, "product_reference": "python-pulpcore-0:3.28.31-1.el9ap.src", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python-zipp-0:3.19.2-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src" }, "product_reference": "python-zipp-0:3.19.2-1.el9ap.src", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-django-0:4.2.15-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch" }, "product_reference": "python3-django-0:4.2.15-1.el9ap.noarch", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-grpcio-0:1.58.3-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64" }, "product_reference": "python3-grpcio-0:1.58.3-1.el9ap.aarch64", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-grpcio-0:1.58.3-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le" }, "product_reference": "python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-grpcio-0:1.58.3-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x" }, "product_reference": "python3-grpcio-0:1.58.3-1.el9ap.s390x", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-grpcio-0:1.58.3-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64" }, "product_reference": "python3-grpcio-0:1.58.3-1.el9ap.x86_64", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64" }, "product_reference": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le" }, "product_reference": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x" }, "product_reference": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64" }, "product_reference": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64" }, "product_reference": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le" }, "product_reference": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x" }, "product_reference": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64" }, "product_reference": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-gunicorn-0:22.0.0-2.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch" }, "product_reference": "python3-gunicorn-0:22.0.0-2.el9ap.noarch", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-jmespath-0:0.10.0-5.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch" }, "product_reference": "python3-jmespath-0:0.10.0-5.el9ap.noarch", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-pulp-ansible-1:0.20.8-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch" }, "product_reference": "python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-pulpcore-0:3.28.31-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch" }, "product_reference": "python3-pulpcore-0:3.28.31-1.el9ap.noarch", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-zipp-0:3.19.2-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9", "product_id": "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" }, "product_reference": "python3-zipp-0:3.19.2-1.el9ap.noarch", "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-5569", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2024-07-09T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2296413" } ], "notes": [ { "category": "description", "text": "A flaw was found in jaraco/zipp. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects.", "title": "Vulnerability description" }, { "category": "summary", "text": "github.com/jaraco/zipp: Denial of Service (infinite loop) via crafted zip file in jaraco/zipp", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ], "known_not_affected": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-5569" }, { "category": "external", "summary": "RHBZ#2296413", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296413" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-5569", "url": "https://www.cve.org/CVERecord?id=CVE-2024-5569" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-5569", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5569" }, { "category": "external", "summary": "https://github.com/jaraco/zipp/commit/fd604bd34f0343472521a36da1fbd22e793e14fd", "url": "https://github.com/jaraco/zipp/commit/fd604bd34f0343472521a36da1fbd22e793e14fd" }, { "category": "external", "summary": "https://huntr.com/bounties/be898306-11f9-46b4-b28c-f4c4aa4ffbae", "url": "https://huntr.com/bounties/be898306-11f9-46b4-b28c-f4c4aa4ffbae" } ], "release_date": "2024-07-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-09-05T14:13:20+00:00", "details": "Red Hat Ansible Automation Platform", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:6428" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "github.com/jaraco/zipp: Denial of Service (infinite loop) via crafted zip file in jaraco/zipp" }, { "cve": "CVE-2024-6840", "cwe": { "id": "CWE-285", "name": "Improper Authorization" }, "discovery_date": "2024-07-17T18:01:46+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2298492" } ], "notes": [ { "category": "description", "text": "An improper authorization flaw exists in the Ansible Automation Controller. This flaw allows an attacker using the k8S API server to send an HTTP request with a service account token mounted via `automountServiceAccountToken: true`, resulting in privilege escalation to a service account.", "title": "Vulnerability description" }, { "category": "summary", "text": "automation-controller: Gain access to the k8s API server via job execution with Container Group", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64" ], "known_not_affected": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-6840" }, { "category": "external", "summary": "RHBZ#2298492", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298492" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-6840", "url": "https://www.cve.org/CVERecord?id=CVE-2024-6840" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-6840", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6840" } ], "release_date": "2024-09-05T09:09:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-09-05T14:13:20+00:00", "details": "Red Hat Ansible Automation Platform", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:6428" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:N", "version": "3.1" }, "products": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "automation-controller: Gain access to the k8s API server via job execution with Container Group" }, { "cve": "CVE-2024-7246", "cwe": { "id": "CWE-440", "name": "Expected Behavior Violation" }, "discovery_date": "2024-08-06T11:20:24.557753+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2303104" } ], "notes": [ { "category": "description", "text": "A flaw was found in Google gRPC due to HPACK table poisoning between the proxy and backend so that other clients see failed requests, resulting in a denial of service. This occurs because the error status for a misencoded header is not cleared between header reads, resulting in subsequent (incrementally indexed) added headers in the first request being poisoned until cleared from the HPACK table. By sending a specially crafted request, an attacker could leak other clients HTTP header keys. Attackers are only able to access HTTP header keys but not values.", "title": "Vulnerability description" }, { "category": "summary", "text": "grpc: client communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability is specific to C++ implementations of gRPC release and does not affect Golang or Java implementations of gRPC.\n\nThe gRPC RPM was packaged with Openshift via the Kuryr component. However, Kuryr was never configured to run code using the gRPC library, hence, grpcio dependency has been removed from Kuryr since Openshift-4.12.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64" ], "known_not_affected": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-7246" }, { "category": "external", "summary": "RHBZ#2303104", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303104" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-7246", "url": "https://www.cve.org/CVERecord?id=CVE-2024-7246" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-7246", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7246" }, { "category": "external", "summary": "https://github.com/grpc/grpc/issues/36245", "url": "https://github.com/grpc/grpc/issues/36245" } ], "release_date": "2024-08-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-09-05T14:13:20+00:00", "details": "Red Hat Ansible Automation Platform", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:6428" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.1" }, "products": [ "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "grpc: client communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend" }, { "cve": "CVE-2024-32879", "cwe": { "id": "CWE-303", "name": "Incorrect Implementation of Authentication Algorithm" }, "discovery_date": "2024-04-25T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2277035" } ], "notes": [ { "category": "description", "text": "A flaw was found in social-auth-app-django. In affected versions of this package, due to default case-insensitive collation in MySQL or MariaDB databases, third-party authentication user IDs are not case-sensitive and could cause different IDs to match.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-social-auth: Improper Handling of Case Sensitivity in social-auth-app-django", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64" ], "known_not_affected": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-32879" }, { "category": "external", "summary": "RHBZ#2277035", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277035" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-32879", "url": "https://www.cve.org/CVERecord?id=CVE-2024-32879" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-32879", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32879" }, { "category": "external", "summary": "https://github.com/python-social-auth/social-app-django/security/advisories/GHSA-2gr8-3wc7-xhj3", "url": "https://github.com/python-social-auth/social-app-django/security/advisories/GHSA-2gr8-3wc7-xhj3" } ], "release_date": "2024-04-24T06:57:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-09-05T14:13:20+00:00", "details": "Red Hat Ansible Automation Platform", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:6428" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python-social-auth: Improper Handling of Case Sensitivity in social-auth-app-django" }, { "cve": "CVE-2024-33663", "discovery_date": "2024-04-26T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2277297" } ], "notes": [ { "category": "description", "text": "python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key formats. This is similar to CVE-2022-29217.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-jose: algorithm confusion with OpenSSH ECDSA keys and other key formats", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64" ], "known_not_affected": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-33663" }, { "category": "external", "summary": "RHBZ#2277297", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277297" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-33663", "url": "https://www.cve.org/CVERecord?id=CVE-2024-33663" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-33663", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33663" } ], "release_date": "2024-04-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-09-05T14:13:20+00:00", "details": "Red Hat Ansible Automation Platform", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:6428" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python-jose: algorithm confusion with OpenSSH ECDSA keys and other key formats" }, { "cve": "CVE-2024-38875", "cwe": { "id": "CWE-1287", "name": "Improper Validation of Specified Type of Input" }, "discovery_date": "2024-07-05T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2295935" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the Django framework\u0027s urlize and urlizetrunc functions, where an attacker can input a certain string containing a large number of brackets, leads to a potential denial of service when the application attempts to process the excessive input.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-django: Potential denial-of-service in django.utils.html.urlize()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch" ], "known_not_affected": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-38875" }, { "category": "external", "summary": "RHBZ#2295935", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295935" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-38875", "url": "https://www.cve.org/CVERecord?id=CVE-2024-38875" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38875", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38875" } ], "release_date": "2024-07-26T06:26:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-09-05T14:13:20+00:00", "details": "Red Hat Ansible Automation Platform", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:6428" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python-django: Potential denial-of-service in django.utils.html.urlize()" }, { "cve": "CVE-2024-39329", "cwe": { "id": "CWE-208", "name": "Observable Timing Discrepancy" }, "discovery_date": "2024-07-05T09:46:29+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2295936" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Python-Django in the django.contrib.auth.backends.ModelBackend.authenticate() method. This flaw allows remote attackers to enumerate users via a timing attack involving login requests for users with unusable passwords.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-django: Username enumeration through timing difference for users with unusable passwords", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch" ], "known_not_affected": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-39329" }, { "category": "external", "summary": "RHBZ#2295936", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295936" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-39329", "url": "https://www.cve.org/CVERecord?id=CVE-2024-39329" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39329", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39329" } ], "release_date": "2024-07-09T14:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-09-05T14:13:20+00:00", "details": "Red Hat Ansible Automation Platform", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:6428" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "python-django: Username enumeration through timing difference for users with unusable passwords" }, { "cve": "CVE-2024-39330", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2024-07-05T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2295937" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Python-Django in the Derived classes of the django.core.files.storage.Storage base class that overrides the generate_filename() without replicating the file path validations existing in the parent class. This flaw allows potential directory traversal via certain inputs when calling save(). Built-in Storage sub-classes were not affected by this vulnerability.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-django: Potential directory-traversal in django.core.files.storage.Storage.save()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch" ], "known_not_affected": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-39330" }, { "category": "external", "summary": "RHBZ#2295937", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295937" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-39330", "url": "https://www.cve.org/CVERecord?id=CVE-2024-39330" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39330", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39330" } ], "release_date": "2024-07-09T14:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-09-05T14:13:20+00:00", "details": "Red Hat Ansible Automation Platform", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:6428" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "python-django: Potential directory-traversal in django.core.files.storage.Storage.save()" }, { "cve": "CVE-2024-39614", "cwe": { "id": "CWE-1287", "name": "Improper Validation of Specified Type of Input" }, "discovery_date": "2024-07-05T09:46:30+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2295938" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Python-Django in the get_supported_language_variant() function. The issue triggers when parsed with very long strings, including a specific set of characters, leading to a potential denial of service attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-django: Potential denial-of-service in django.utils.translation.get_supported_language_variant()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch" ], "known_not_affected": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-39614" }, { "category": "external", "summary": "RHBZ#2295938", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295938" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-39614", "url": "https://www.cve.org/CVERecord?id=CVE-2024-39614" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39614", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39614" } ], "release_date": "2024-07-09T14:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-09-05T14:13:20+00:00", "details": "Red Hat Ansible Automation Platform", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:6428" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python-django: Potential denial-of-service in django.utils.translation.get_supported_language_variant()" }, { "cve": "CVE-2024-41989", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2024-08-02T01:40:06+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2302433" } ], "notes": [ { "category": "description", "text": "A security issue was found in Django. If \u0027floatformat\u0027 received a string representation of a number in scientific notation with a large exponent, it could lead to significant memory consumption. To avoid this, decimals with more than 200 digits are now returned as is.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-django: Memory exhaustion in django.utils.numberformat.floatformat()", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue is categorized as moderate severity rather than important because, while it has the potential to cause significant memory consumption under specific conditions, the likelihood of such a scenario occurring in typical applications is relatively low. The issue arises primarily when processing extremely large numbers in scientific notation, which is not a common use case in most Django applications. Additionally, the impact is localized to the floatformat function, and the issue does not expose sensitive data or compromise the integrity of the application.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch" ], "known_not_affected": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-41989" }, { "category": "external", "summary": "RHBZ#2302433", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302433" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-41989", "url": "https://www.cve.org/CVERecord?id=CVE-2024-41989" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41989", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41989" } ], "release_date": "2024-08-06T13:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-09-05T14:13:20+00:00", "details": "Red Hat Ansible Automation Platform", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:6428" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python-django: Memory exhaustion in django.utils.numberformat.floatformat()" }, { "cve": "CVE-2024-41990", "cwe": { "id": "CWE-130", "name": "Improper Handling of Length Parameter Inconsistency" }, "discovery_date": "2024-08-02T01:52:36+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2302434" } ], "notes": [ { "category": "description", "text": "A flaw was found in Django. Processing very large inputs with a specific sequence of characters with the urlize and urlizetrunc functions can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch" ], "known_not_affected": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-41990" }, { "category": "external", "summary": "RHBZ#2302434", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302434" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-41990", "url": "https://www.cve.org/CVERecord?id=CVE-2024-41990" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41990", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41990" }, { "category": "external", "summary": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/", "url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/" } ], "release_date": "2024-08-06T13:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-09-05T14:13:20+00:00", "details": "Red Hat Ansible Automation Platform", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:6428" }, { "category": "workaround", "details": "Implementing input validation and limiting the the size of inputs to the urlize and urlizetrunc will mitigate this vulnerability.", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize()" }, { "cve": "CVE-2024-41991", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2024-08-02T02:03:22+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2302435" } ], "notes": [ { "category": "description", "text": "A flaw was found in Django. \u0027urlize\u0027, \u0027urlizetrunc\u0027, and \u0027AdminURLFieldWidget\u0027 may be subject to a denial of service attack via certain inputs with a very large number of Unicode characters.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget", "title": "Vulnerability summary" }, { "category": "other", "text": "The identified vulnerability in Django\u0027s urlize, urlizetrunc template filters, and the AdminURLFieldWidget widget is classified as moderate severity rather than important due to its specific attack vector and impact. While the flaw allows for a potential denial-of-service (DoS) attack via inputs with a large number of Unicode characters, exploiting this vulnerability requires a significant volume of data to be processed by these components, which is a non-trivial task. Additionally, standard mitigation measures such as input validation, rate limiting, and monitoring can effectively reduce the risk.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch" ], "known_not_affected": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-41991" }, { "category": "external", "summary": "RHBZ#2302435", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302435" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-41991", "url": "https://www.cve.org/CVERecord?id=CVE-2024-41991" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41991", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41991" }, { "category": "external", "summary": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/", "url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/" } ], "release_date": "2024-08-06T13:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-09-05T14:13:20+00:00", "details": "Red Hat Ansible Automation Platform", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:6428" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget" }, { "cve": "CVE-2024-42005", "cwe": { "id": "CWE-89", "name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)" }, "discovery_date": "2024-08-02T02:08:30+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2302436" } ], "notes": [ { "category": "description", "text": "A flaw was found in Django. The QuerySet.values() and QuerySet.values_list() methods on models with a JSONField were subject to SQL injection in column aliases via a crafted JSON object key as a passed *arg.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-django: Potential SQL injection in QuerySet.values() and values_list()", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability is considered of moderate severity rather than high or critical because it requires specific conditions to be exploitable. The potential for SQL injection exists only when QuerySet.values() or values_list() methods are used on models with a JSONField, and an attacker must have control over the JSON object keys passed as arguments. In typical use cases, these methods are often used with predefined or controlled data, limiting the attack surface. Furthermore, the impact is constrained to the manipulation of column aliases, rather than direct injection into more critical parts of the SQL query, reducing the overall risk compared to more direct forms of SQL injection vulnerabilities.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch" ], "known_not_affected": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-42005" }, { "category": "external", "summary": "RHBZ#2302436", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302436" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-42005", "url": "https://www.cve.org/CVERecord?id=CVE-2024-42005" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42005", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42005" }, { "category": "external", "summary": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/", "url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/" } ], "release_date": "2024-08-06T13:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-09-05T14:13:20+00:00", "details": "Red Hat Ansible Automation Platform", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:6428" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python-django: Potential SQL injection in QuerySet.values() and values_list()" } ] }
pysec-2024-69
Vulnerability from pysec
Published
2024-08-07 15:15
Modified
2024-08-07 17:22
Details
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.
Aliases
{ "affected": [ { "package": { "ecosystem": "PyPI", "name": "django", "purl": "pkg:pypi/django" }, "ranges": [ { "events": [ { "introduced": "5.0" }, { "fixed": "5.0.8" }, { "introduced": "4.2" }, { "fixed": "4.2.15" } ], "type": "ECOSYSTEM" } ], "versions": [ "4.2", "4.2.1", "4.2.10", "4.2.11", "4.2.12", "4.2.13", "4.2.14", "4.2.2", "4.2.3", "4.2.4", "4.2.5", "4.2.6", "4.2.7", "4.2.8", "4.2.9", "5.0", "5.0.1", "5.0.2", "5.0.3", "5.0.4", "5.0.5", "5.0.6", "5.0.7" ] } ], "aliases": [ "CVE-2024-41991" ], "details": "An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.", "id": "PYSEC-2024-69", "modified": "2024-08-07T17:22:10.745844+00:00", "published": "2024-08-07T15:15:00+00:00", "references": [ { "type": "WEB", "url": "https://docs.djangoproject.com/en/dev/releases/security/" }, { "type": "WEB", "url": "https://groups.google.com/forum/#%21forum/django-announce" }, { "type": "ARTICLE", "url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/" } ] }
ghsa-r836-hh6v-rg5g
Vulnerability from github
Published
2024-08-07 15:30
Modified
2024-08-07 19:03
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Summary
Django vulnerable to denial-of-service attack
Details
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.
{ "affected": [ { "package": { "ecosystem": "PyPI", "name": "Django" }, "ranges": [ { "events": [ { "introduced": "5.0" }, { "fixed": "5.0.8" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "PyPI", "name": "Django" }, "ranges": [ { "events": [ { "introduced": "4.2" }, { "fixed": "4.2.15" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2024-41991" ], "database_specific": { "cwe_ids": [ "CWE-1284", "CWE-130", "CWE-1333" ], "github_reviewed": true, "github_reviewed_at": "2024-08-07T19:03:05Z", "nvd_published_at": "2024-08-07T15:15:56Z", "severity": "MODERATE" }, "details": "An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.", "id": "GHSA-r836-hh6v-rg5g", "modified": "2024-08-07T19:03:05Z", "published": "2024-08-07T15:30:42Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41991" }, { "type": "WEB", "url": "https://github.com/django/django/commit/523da8771bce321023f490f70d71a9e973ddc927" }, { "type": "WEB", "url": "https://github.com/django/django/commit/efea1ef7e2190e3f77ca0651b5458297bc0f6a9f" }, { "type": "WEB", "url": "https://docs.djangoproject.com/en/dev/releases/security" }, { "type": "PACKAGE", "url": "https://github.com/django/django" }, { "type": "WEB", "url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-69.yaml" }, { "type": "WEB", "url": "https://groups.google.com/forum/#%21forum/django-announce" }, { "type": "WEB", "url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "type": "CVSS_V3" }, { "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "type": "CVSS_V4" } ], "summary": "Django vulnerable to denial-of-service attack" }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.