Action not permitted
Modal body text goes here.
cve-2024-41989
Vulnerability from cvelistv5
Published
2024-08-07 00:00
Modified
2024-08-08 19:39
Severity
Summary
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent.
References
| Source | URL | Tags |
|---|---|---|
| cve@mitre.org | https://docs.djangoproject.com/en/dev/releases/security/ | Patch, Vendor Advisory |
| cve@mitre.org | https://groups.google.com/forum/#%21forum/django-announce | Not Applicable |
| cve@mitre.org | https://www.djangoproject.com/weblog/2024/aug/06/security-releases/ | Vendor Advisory |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "django",
"vendor": "djangoproject",
"versions": [
{
"lessThan": "4.2.15",
"status": "affected",
"version": "4.2",
"versionType": "custom"
},
{
"lessThan": "5.0.8",
"status": "affected",
"version": "5.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-41989",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-08T19:34:43.299369Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T19:39:24.621Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T14:10:31.266105",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://docs.djangoproject.com/en/dev/releases/security/"
},
{
"url": "https://groups.google.com/forum/#%21forum/django-announce"
},
{
"url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-41989",
"datePublished": "2024-08-07T00:00:00",
"dateReserved": "2024-07-25T00:00:00",
"dateUpdated": "2024-08-08T19:39:24.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-41989\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2024-08-07T15:15:56.030\",\"lastModified\":\"2024-08-08T20:35:11.140\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent.\"},{\"lang\":\"es\",\"value\":\"Se descubri\u00f3 un problema en Django 5.0 anterior a 5.0.8 y 4.2 anterior a 4.2.15. El filtro de plantilla de formato flotante est\u00e1 sujeto a un consumo de memoria significativo cuando se le proporciona una representaci\u00f3n de cadena de un n\u00famero en notaci\u00f3n cient\u00edfica con un exponente grande.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.2\",\"versionEndExcluding\":\"4.2.15\",\"matchCriteriaId\":\"7C38224F-C41B-428C-89C2-603BBA95AD3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0\",\"versionEndExcluding\":\"5.0.8\",\"matchCriteriaId\":\"3384B57C-DBF5-4E23-99E7-92B260D53E8E\"}]}]}],\"references\":[{\"url\":\"https://docs.djangoproject.com/en/dev/releases/security/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://groups.google.com/forum/#%21forum/django-announce\",\"source\":\"cve@mitre.org\",\"tags\":[\"Not Applicable\"]},{\"url\":\"https://www.djangoproject.com/weblog/2024/aug/06/security-releases/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
pysec-2024-67
Vulnerability from pysec
Published
2024-08-07 15:15
Modified
2024-08-07 17:22
Details
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent.
Aliases
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "django",
"purl": "pkg:pypi/django"
},
"ranges": [
{
"events": [
{
"introduced": "5.0"
},
{
"fixed": "5.0.8"
},
{
"introduced": "4.2"
},
{
"fixed": "4.2.15"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.2",
"4.2.1",
"4.2.10",
"4.2.11",
"4.2.12",
"4.2.13",
"4.2.14",
"4.2.2",
"4.2.3",
"4.2.4",
"4.2.5",
"4.2.6",
"4.2.7",
"4.2.8",
"4.2.9",
"5.0",
"5.0.1",
"5.0.2",
"5.0.3",
"5.0.4",
"5.0.5",
"5.0.6",
"5.0.7"
]
}
],
"aliases": [
"CVE-2024-41989"
],
"details": "An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent.",
"id": "PYSEC-2024-67",
"modified": "2024-08-07T17:22:10.613440+00:00",
"published": "2024-08-07T15:15:00+00:00",
"references": [
{
"type": "WEB",
"url": "https://docs.djangoproject.com/en/dev/releases/security/"
},
{
"type": "WEB",
"url": "https://groups.google.com/forum/#%21forum/django-announce"
},
{
"type": "ARTICLE",
"url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/"
}
]
}
rhsa-2024_6428
Vulnerability from csaf_redhat
Published
2024-09-05 14:13
Modified
2024-09-17 00:01
Summary
Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update
Notes
Topic
An update is now available for Red Hat Ansible Automation Platform 2.4
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.
Security Fix(es):
* automation-controller: Django: Potential SQL injection in QuerySet.values() and values_list() (CVE-2024-42005)
* automation-controller: Django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget (CVE-2024-41991)
* automation-controller: Django: Potential denial-of-service vulnerability in django.utils.html.urlize() (CVE-2024-41990)
* automation-controller: python-jose: algorithm confusion with OpenSSH ECDSA keys and other key formats (CVE-2024-33663)
* automation-controller: python-social-auth: Improper Handling of Case Sensitivity in social-auth-app-django (CVE-2024-32879)
* automation-controller: Gain access to the k8s API server via job execution with Container Group (CVE-2024-6840)
* python3/python39-django: Potential SQL injection in QuerySet.values() and values_list() (CVE-2024-42005)
* python3/python39-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget (CVE-2024-41991)
* python3/python39-django: Potential denial-of-service vulnerability in django.utils.html.urlize() (CVE-2024-41990)
* python3/python39-django: Memory exhaustion in django.utils.numberformat.floatformat() (CVE-2024-41989)
* python3/python39-django: Potential denial-of-service in django.utils.translation.get_supported_language_variant() (CVE-2024-39614)
* python3/python39-django: Potential directory-traversal in django.core.files.storage.Storage.save() (CVE-2024-39330)
* python3/python39-django: Username enumeration through timing difference for users with unusable passwords (CVE-2024-39329)
* python3/python39-django: Potential denial-of-service in django.utils.html.urlize() (CVE-2024-38875)
* python3/python39-grpcio: client communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend (CVE-2024-7246)
* python3/python39-zipp: Denial of Service (infinite loop) via crafted zip file (CVE-2024-5569)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updates and fixes for automation controller:
* Updated the receptor to not automatically release the receptor work unit when "RECEPTOR_KEEP_WORK_ON_ERROR" is set to true (AAP-27635)
* Updated the Help link in the REST API to point to the latest API Reference documentation (AAP-27573)
* Fixed a timeout error in the UI when trying to load the Activity Stream (AAP-26772)
* automation-controller has been updated to 4.5.10
Updates and fixes for automation hub:
* API browser now correctly escapes JSON values (AAH-3272, AAP-14463)
* python3/python39-pulpcore has been updated to 3.28.31
* python3/python39-pulp-ansible has been updated to 0.20.8
Additional fixes:
* Gunicorn python package will no longer obsolete itself when checking for or applying updates (AAP-28364)
* python3/python39-django has been updated to 4.2.15
* python3/python39-grpcio has been updated to 1.58.3
* python3/python39-jmespath has been updated to 0.10.0-5
* python3/python39-zipp has been updated to 3.19.2
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Ansible Automation Platform 2.4\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.\n\nSecurity Fix(es):\n\n* automation-controller: Django: Potential SQL injection in QuerySet.values() and values_list() (CVE-2024-42005)\n* automation-controller: Django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget (CVE-2024-41991)\n* automation-controller: Django: Potential denial-of-service vulnerability in django.utils.html.urlize() (CVE-2024-41990)\n* automation-controller: python-jose: algorithm confusion with OpenSSH ECDSA keys and other key formats (CVE-2024-33663)\n* automation-controller: python-social-auth: Improper Handling of Case Sensitivity in social-auth-app-django (CVE-2024-32879)\n* automation-controller: Gain access to the k8s API server via job execution with Container Group (CVE-2024-6840)\n* python3/python39-django: Potential SQL injection in QuerySet.values() and values_list() (CVE-2024-42005)\n* python3/python39-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget (CVE-2024-41991)\n* python3/python39-django: Potential denial-of-service vulnerability in django.utils.html.urlize() (CVE-2024-41990)\n* python3/python39-django: Memory exhaustion in django.utils.numberformat.floatformat() (CVE-2024-41989)\n* python3/python39-django: Potential denial-of-service in django.utils.translation.get_supported_language_variant() (CVE-2024-39614)\n* python3/python39-django: Potential directory-traversal in django.core.files.storage.Storage.save() (CVE-2024-39330)\n* python3/python39-django: Username enumeration through timing difference for users with unusable passwords (CVE-2024-39329)\n* python3/python39-django: Potential denial-of-service in django.utils.html.urlize() (CVE-2024-38875)\n* python3/python39-grpcio: client communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend (CVE-2024-7246)\n* python3/python39-zipp: Denial of Service (infinite loop) via crafted zip file (CVE-2024-5569)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nUpdates and fixes for automation controller:\n* Updated the receptor to not automatically release the receptor work unit when \"RECEPTOR_KEEP_WORK_ON_ERROR\" is set to true (AAP-27635)\n* Updated the Help link in the REST API to point to the latest API Reference documentation (AAP-27573)\n* Fixed a timeout error in the UI when trying to load the Activity Stream (AAP-26772)\n* automation-controller has been updated to 4.5.10\n\nUpdates and fixes for automation hub:\n* API browser now correctly escapes JSON values (AAH-3272, AAP-14463)\n* python3/python39-pulpcore has been updated to 3.28.31\n* python3/python39-pulp-ansible has been updated to 0.20.8\n\nAdditional fixes:\n* Gunicorn python package will no longer obsolete itself when checking for or applying updates (AAP-28364)\n* python3/python39-django has been updated to 4.2.15\n* python3/python39-grpcio has been updated to 1.58.3\n* python3/python39-jmespath has been updated to 0.10.0-5\n* python3/python39-zipp has been updated to 3.19.2",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:6428",
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2277035",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277035"
},
{
"category": "external",
"summary": "2277297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277297"
},
{
"category": "external",
"summary": "2295935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295935"
},
{
"category": "external",
"summary": "2295936",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295936"
},
{
"category": "external",
"summary": "2295937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295937"
},
{
"category": "external",
"summary": "2295938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295938"
},
{
"category": "external",
"summary": "2296413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296413"
},
{
"category": "external",
"summary": "2298492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298492"
},
{
"category": "external",
"summary": "2302433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302433"
},
{
"category": "external",
"summary": "2302434",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302434"
},
{
"category": "external",
"summary": "2302435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302435"
},
{
"category": "external",
"summary": "2302436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302436"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6428.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update",
"tracking": {
"current_release_date": "2024-09-17T00:01:38+00:00",
"generator": {
"date": "2024-09-17T00:01:38+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2024:6428",
"initial_release_date": "2024-09-05T14:13:20+00:00",
"revision_history": [
{
"date": "2024-09-05T14:13:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-09-05T14:13:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-17T00:01:38+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform:2.4::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform:2.4::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Ansible Automation Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "python-pulpcore-0:3.28.31-1.el9ap.src",
"product": {
"name": "python-pulpcore-0:3.28.31-1.el9ap.src",
"product_id": "python-pulpcore-0:3.28.31-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulpcore@3.28.31-1.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulp-ansible-1:0.20.8-1.el9ap.src",
"product": {
"name": "python-pulp-ansible-1:0.20.8-1.el9ap.src",
"product_id": "python-pulp-ansible-1:0.20.8-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulp-ansible@0.20.8-1.el9ap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-gunicorn-0:22.0.0-2.el9ap.src",
"product": {
"name": "python-gunicorn-0:22.0.0-2.el9ap.src",
"product_id": "python-gunicorn-0:22.0.0-2.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-gunicorn@22.0.0-2.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-django-0:4.2.15-1.el9ap.src",
"product": {
"name": "python-django-0:4.2.15-1.el9ap.src",
"product_id": "python-django-0:4.2.15-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-django@4.2.15-1.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-zipp-0:3.19.2-1.el9ap.src",
"product": {
"name": "python-zipp-0:3.19.2-1.el9ap.src",
"product_id": "python-zipp-0:3.19.2-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-zipp@3.19.2-1.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-grpcio-0:1.58.3-1.el9ap.src",
"product": {
"name": "python-grpcio-0:1.58.3-1.el9ap.src",
"product_id": "python-grpcio-0:1.58.3-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-grpcio@1.58.3-1.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el9ap.src",
"product": {
"name": "automation-controller-0:4.5.10-1.el9ap.src",
"product_id": "automation-controller-0:4.5.10-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-jmespath-0:0.10.0-5.el9ap.src",
"product": {
"name": "python-jmespath-0:0.10.0-5.el9ap.src",
"product_id": "python-jmespath-0:0.10.0-5.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-jmespath@0.10.0-5.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3x-pulpcore-0:3.28.31-1.el8ap.src",
"product": {
"name": "python3x-pulpcore-0:3.28.31-1.el8ap.src",
"product_id": "python3x-pulpcore-0:3.28.31-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-pulpcore@3.28.31-1.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"product": {
"name": "python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"product_id": "python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-pulp-ansible@0.20.8-1.el8ap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python3x-gunicorn-0:22.0.0-2.el8ap.src",
"product": {
"name": "python3x-gunicorn-0:22.0.0-2.el8ap.src",
"product_id": "python3x-gunicorn-0:22.0.0-2.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-gunicorn@22.0.0-2.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3x-django-0:4.2.15-1.el8ap.src",
"product": {
"name": "python3x-django-0:4.2.15-1.el8ap.src",
"product_id": "python3x-django-0:4.2.15-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-django@4.2.15-1.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3x-grpcio-0:1.58.3-1.el8ap.src",
"product": {
"name": "python3x-grpcio-0:1.58.3-1.el8ap.src",
"product_id": "python3x-grpcio-0:1.58.3-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-grpcio@1.58.3-1.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el8ap.src",
"product": {
"name": "automation-controller-0:4.5.10-1.el8ap.src",
"product_id": "automation-controller-0:4.5.10-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3x-jmespath-0:0.10.0-5.el8ap.src",
"product": {
"name": "python3x-jmespath-0:0.10.0-5.el8ap.src",
"product_id": "python3x-jmespath-0:0.10.0-5.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-jmespath@0.10.0-5.el8ap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"product": {
"name": "python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"product_id": "python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pulpcore@3.28.31-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"product": {
"name": "python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"product_id": "python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pulp-ansible@0.20.8-1.el9ap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"product": {
"name": "python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"product_id": "python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-gunicorn@22.0.0-2.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-django-0:4.2.15-1.el9ap.noarch",
"product": {
"name": "python3-django-0:4.2.15-1.el9ap.noarch",
"product_id": "python3-django-0:4.2.15-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-django@4.2.15-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-zipp-0:3.19.2-1.el9ap.noarch",
"product": {
"name": "python3-zipp-0:3.19.2-1.el9ap.noarch",
"product_id": "python3-zipp-0:3.19.2-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-zipp@3.19.2-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"product": {
"name": "automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"product_id": "automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-cli@4.5.10-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-server-0:4.5.10-1.el9ap.noarch",
"product": {
"name": "automation-controller-server-0:4.5.10-1.el9ap.noarch",
"product_id": "automation-controller-server-0:4.5.10-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-server@4.5.10-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"product": {
"name": "automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"product_id": "automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-ui@4.5.10-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-jmespath-0:0.10.0-5.el9ap.noarch",
"product": {
"name": "python3-jmespath-0:0.10.0-5.el9ap.noarch",
"product_id": "python3-jmespath-0:0.10.0-5.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-jmespath@0.10.0-5.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"product": {
"name": "python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"product_id": "python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-pulpcore@3.28.31-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"product": {
"name": "python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"product_id": "python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-pulp-ansible@0.20.8-1.el8ap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"product": {
"name": "python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"product_id": "python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-gunicorn@22.0.0-2.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-django-0:4.2.15-1.el8ap.noarch",
"product": {
"name": "python39-django-0:4.2.15-1.el8ap.noarch",
"product_id": "python39-django-0:4.2.15-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-django@4.2.15-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-zipp-0:3.19.2-1.el8ap.noarch",
"product": {
"name": "python39-zipp-0:3.19.2-1.el8ap.noarch",
"product_id": "python39-zipp-0:3.19.2-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-zipp@3.19.2-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"product": {
"name": "automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"product_id": "automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-cli@4.5.10-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-server-0:4.5.10-1.el8ap.noarch",
"product": {
"name": "automation-controller-server-0:4.5.10-1.el8ap.noarch",
"product_id": "automation-controller-server-0:4.5.10-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-server@4.5.10-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"product": {
"name": "automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"product_id": "automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-ui@4.5.10-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-jmespath-0:0.10.0-5.el8ap.noarch",
"product": {
"name": "python39-jmespath-0:0.10.0-5.el8ap.noarch",
"product_id": "python39-jmespath-0:0.10.0-5.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-jmespath@0.10.0-5.el8ap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"product": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"product_id": "python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio@1.58.3-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"product": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"product_id": "python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-grpcio-debugsource@1.58.3-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"product": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"product_id": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-debuginfo@1.58.3-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"product": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"product_id": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-tools-debuginfo@1.58.3-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el9ap.x86_64",
"product": {
"name": "automation-controller-0:4.5.10-1.el9ap.x86_64",
"product_id": "automation-controller-0:4.5.10-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"product": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"product_id": "python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio@1.58.3-1.el8ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"product": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"product_id": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-grpcio-debugsource@1.58.3-1.el8ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"product": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"product_id": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-debuginfo@1.58.3-1.el8ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"product": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"product_id": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-tools-debuginfo@1.58.3-1.el8ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el8ap.x86_64",
"product": {
"name": "automation-controller-0:4.5.10-1.el8ap.x86_64",
"product_id": "automation-controller-0:4.5.10-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el8ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el8ap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"product": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"product_id": "python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio@1.58.3-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"product": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"product_id": "python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-grpcio-debugsource@1.58.3-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"product": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"product_id": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-debuginfo@1.58.3-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"product": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"product_id": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-tools-debuginfo@1.58.3-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el9ap.ppc64le",
"product": {
"name": "automation-controller-0:4.5.10-1.el9ap.ppc64le",
"product_id": "automation-controller-0:4.5.10-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"product": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"product_id": "python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio@1.58.3-1.el8ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"product": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"product_id": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-grpcio-debugsource@1.58.3-1.el8ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"product": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"product_id": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-debuginfo@1.58.3-1.el8ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"product": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"product_id": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-tools-debuginfo@1.58.3-1.el8ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el8ap.ppc64le",
"product": {
"name": "automation-controller-0:4.5.10-1.el8ap.ppc64le",
"product_id": "automation-controller-0:4.5.10-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el8ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el8ap?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-grpcio-0:1.58.3-1.el9ap.s390x",
"product": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.s390x",
"product_id": "python3-grpcio-0:1.58.3-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio@1.58.3-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"product": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"product_id": "python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-grpcio-debugsource@1.58.3-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"product": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"product_id": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-debuginfo@1.58.3-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"product": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"product_id": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-tools-debuginfo@1.58.3-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el9ap.s390x",
"product": {
"name": "automation-controller-0:4.5.10-1.el9ap.s390x",
"product_id": "automation-controller-0:4.5.10-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-0:1.58.3-1.el8ap.s390x",
"product": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.s390x",
"product_id": "python39-grpcio-0:1.58.3-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio@1.58.3-1.el8ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"product": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"product_id": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-grpcio-debugsource@1.58.3-1.el8ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"product": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"product_id": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-debuginfo@1.58.3-1.el8ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"product": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"product_id": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-tools-debuginfo@1.58.3-1.el8ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el8ap.s390x",
"product": {
"name": "automation-controller-0:4.5.10-1.el8ap.s390x",
"product_id": "automation-controller-0:4.5.10-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el8ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el8ap?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"product": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"product_id": "python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio@1.58.3-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"product": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"product_id": "python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-grpcio-debugsource@1.58.3-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"product": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"product_id": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-debuginfo@1.58.3-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"product": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"product_id": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-tools-debuginfo@1.58.3-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el9ap.aarch64",
"product": {
"name": "automation-controller-0:4.5.10-1.el9ap.aarch64",
"product_id": "automation-controller-0:4.5.10-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"product": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"product_id": "python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio@1.58.3-1.el8ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"product": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"product_id": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-grpcio-debugsource@1.58.3-1.el8ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"product": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"product_id": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-debuginfo@1.58.3-1.el8ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"product": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"product_id": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-tools-debuginfo@1.58.3-1.el8ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el8ap.aarch64",
"product": {
"name": "automation-controller-0:4.5.10-1.el8ap.aarch64",
"product_id": "automation-controller-0:4.5.10-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el8ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el8ap?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-cli-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch"
},
"product_reference": "automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-server-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch"
},
"product_reference": "automation-controller-server-0:4.5.10-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-ui-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch"
},
"product_reference": "automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-zipp-0:3.19.2-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch"
},
"product_reference": "python39-zipp-0:3.19.2-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-zipp-0:3.19.2-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch"
},
"product_reference": "python39-zipp-0:3.19.2-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-cli-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch"
},
"product_reference": "automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-server-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch"
},
"product_reference": "automation-controller-server-0:4.5.10-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-ui-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch"
},
"product_reference": "automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-django-0:4.2.15-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch"
},
"product_reference": "python39-django-0:4.2.15-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64"
},
"product_reference": "python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le"
},
"product_reference": "python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x"
},
"product_reference": "python39-grpcio-0:1.58.3-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64"
},
"product_reference": "python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64"
},
"product_reference": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le"
},
"product_reference": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x"
},
"product_reference": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64"
},
"product_reference": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64"
},
"product_reference": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le"
},
"product_reference": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x"
},
"product_reference": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64"
},
"product_reference": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-gunicorn-0:22.0.0-2.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch"
},
"product_reference": "python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-jmespath-0:0.10.0-5.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch"
},
"product_reference": "python39-jmespath-0:0.10.0-5.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-ansible-1:0.20.8-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch"
},
"product_reference": "python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulpcore-0:3.28.31-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch"
},
"product_reference": "python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-zipp-0:3.19.2-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch"
},
"product_reference": "python39-zipp-0:3.19.2-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-django-0:4.2.15-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src"
},
"product_reference": "python3x-django-0:4.2.15-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-grpcio-0:1.58.3-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src"
},
"product_reference": "python3x-grpcio-0:1.58.3-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64"
},
"product_reference": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le"
},
"product_reference": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x"
},
"product_reference": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64"
},
"product_reference": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-gunicorn-0:22.0.0-2.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src"
},
"product_reference": "python3x-gunicorn-0:22.0.0-2.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-jmespath-0:0.10.0-5.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src"
},
"product_reference": "python3x-jmespath-0:0.10.0-5.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-pulp-ansible-1:0.20.8-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src"
},
"product_reference": "python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-pulpcore-0:3.28.31-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src"
},
"product_reference": "python3x-pulpcore-0:3.28.31-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-cli-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch"
},
"product_reference": "automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-server-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch"
},
"product_reference": "automation-controller-server-0:4.5.10-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-ui-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch"
},
"product_reference": "automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-zipp-0:3.19.2-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src"
},
"product_reference": "python-zipp-0:3.19.2-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-zipp-0:3.19.2-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch"
},
"product_reference": "python3-zipp-0:3.19.2-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-zipp-0:3.19.2-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src"
},
"product_reference": "python-zipp-0:3.19.2-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-zipp-0:3.19.2-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch"
},
"product_reference": "python3-zipp-0:3.19.2-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-cli-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch"
},
"product_reference": "automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-server-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch"
},
"product_reference": "automation-controller-server-0:4.5.10-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-ui-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch"
},
"product_reference": "automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-django-0:4.2.15-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src"
},
"product_reference": "python-django-0:4.2.15-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-grpcio-0:1.58.3-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src"
},
"product_reference": "python-grpcio-0:1.58.3-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64"
},
"product_reference": "python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le"
},
"product_reference": "python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x"
},
"product_reference": "python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64"
},
"product_reference": "python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-gunicorn-0:22.0.0-2.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src"
},
"product_reference": "python-gunicorn-0:22.0.0-2.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-jmespath-0:0.10.0-5.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src"
},
"product_reference": "python-jmespath-0:0.10.0-5.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-ansible-1:0.20.8-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src"
},
"product_reference": "python-pulp-ansible-1:0.20.8-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulpcore-0:3.28.31-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src"
},
"product_reference": "python-pulpcore-0:3.28.31-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-zipp-0:3.19.2-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src"
},
"product_reference": "python-zipp-0:3.19.2-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-django-0:4.2.15-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
},
"product_reference": "python3-django-0:4.2.15-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64"
},
"product_reference": "python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le"
},
"product_reference": "python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x"
},
"product_reference": "python3-grpcio-0:1.58.3-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64"
},
"product_reference": "python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64"
},
"product_reference": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le"
},
"product_reference": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x"
},
"product_reference": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64"
},
"product_reference": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64"
},
"product_reference": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le"
},
"product_reference": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x"
},
"product_reference": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64"
},
"product_reference": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-gunicorn-0:22.0.0-2.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch"
},
"product_reference": "python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-jmespath-0:0.10.0-5.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch"
},
"product_reference": "python3-jmespath-0:0.10.0-5.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pulp-ansible-1:0.20.8-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch"
},
"product_reference": "python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pulpcore-0:3.28.31-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch"
},
"product_reference": "python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-zipp-0:3.19.2-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
},
"product_reference": "python3-zipp-0:3.19.2-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-5569",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-07-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2296413"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jaraco/zipp. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jaraco/zipp: Denial of Service (infinite loop) via crafted zip file in jaraco/zipp",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-5569"
},
{
"category": "external",
"summary": "RHBZ#2296413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-5569",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5569"
},
{
"category": "external",
"summary": "https://github.com/jaraco/zipp/commit/fd604bd34f0343472521a36da1fbd22e793e14fd",
"url": "https://github.com/jaraco/zipp/commit/fd604bd34f0343472521a36da1fbd22e793e14fd"
},
{
"category": "external",
"summary": "https://huntr.com/bounties/be898306-11f9-46b4-b28c-f4c4aa4ffbae",
"url": "https://huntr.com/bounties/be898306-11f9-46b4-b28c-f4c4aa4ffbae"
}
],
"release_date": "2024-07-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/jaraco/zipp: Denial of Service (infinite loop) via crafted zip file in jaraco/zipp"
},
{
"cve": "CVE-2024-6840",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2024-07-17T18:01:46+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298492"
}
],
"notes": [
{
"category": "description",
"text": "An improper authorization flaw exists in the Ansible Automation Controller. This flaw allows an attacker using the k8S API server to send an HTTP request with a service account token mounted via `automountServiceAccountToken: true`, resulting in privilege escalation to a service account.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "automation-controller: Gain access to the k8s API server via job execution with Container Group",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-6840"
},
{
"category": "external",
"summary": "RHBZ#2298492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298492"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-6840",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6840"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-6840",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6840"
}
],
"release_date": "2024-09-05T09:09:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "automation-controller: Gain access to the k8s API server via job execution with Container Group"
},
{
"cve": "CVE-2024-7246",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"discovery_date": "2024-08-06T11:20:24.557753+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2303104"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Google gRPC due to HPACK table poisoning between the proxy and backend so that other clients see failed requests, resulting in a denial of service. This occurs because the error status for a misencoded header is not cleared between header reads, resulting in subsequent (incrementally indexed) added headers in the first request being poisoned until cleared from the HPACK table. By sending a specially crafted request, an attacker could leak other clients HTTP header keys. Attackers are only able to access HTTP header keys but not values.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "grpc: client communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is specific to C++ implementations of gRPC release and does not affect Golang or Java implementations of gRPC.\n\nThe gRPC RPM was packaged with Openshift via the Kuryr component. However, Kuryr was never configured to run code using the gRPC library, hence, grpcio dependency has been removed from Kuryr since Openshift-4.12.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-7246"
},
{
"category": "external",
"summary": "RHBZ#2303104",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303104"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-7246",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7246"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-7246",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7246"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc/issues/36245",
"url": "https://github.com/grpc/grpc/issues/36245"
}
],
"release_date": "2024-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "grpc: client communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend"
},
{
"cve": "CVE-2024-32879",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2024-04-25T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2277035"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in social-auth-app-django. In affected versions of this package, due to default case-insensitive collation in MySQL or MariaDB databases, third-party authentication user IDs are not case-sensitive and could cause different IDs to match.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-social-auth: Improper Handling of Case Sensitivity in social-auth-app-django",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-32879"
},
{
"category": "external",
"summary": "RHBZ#2277035",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277035"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-32879",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32879"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-32879",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32879"
},
{
"category": "external",
"summary": "https://github.com/python-social-auth/social-app-django/security/advisories/GHSA-2gr8-3wc7-xhj3",
"url": "https://github.com/python-social-auth/social-app-django/security/advisories/GHSA-2gr8-3wc7-xhj3"
}
],
"release_date": "2024-04-24T06:57:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-social-auth: Improper Handling of Case Sensitivity in social-auth-app-django"
},
{
"cve": "CVE-2024-33663",
"discovery_date": "2024-04-26T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2277297"
}
],
"notes": [
{
"category": "description",
"text": "python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key formats. This is similar to CVE-2022-29217.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-jose: algorithm confusion with OpenSSH ECDSA keys and other key formats",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-33663"
},
{
"category": "external",
"summary": "RHBZ#2277297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277297"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-33663",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33663"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-33663",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33663"
}
],
"release_date": "2024-04-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-jose: algorithm confusion with OpenSSH ECDSA keys and other key formats"
},
{
"cve": "CVE-2024-38875",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"discovery_date": "2024-07-05T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295935"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Python-Django in django.utils.html.urlize() function. The issue triggers when it is parsed with certain inputs with a very large number of brackets, leading to a potential denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential denial-of-service in django.utils.html.urlize()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38875"
},
{
"category": "external",
"summary": "RHBZ#2295935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295935"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38875"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38875",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38875"
}
],
"release_date": "2024-07-26T06:26:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Potential denial-of-service in django.utils.html.urlize()"
},
{
"cve": "CVE-2024-39329",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2024-07-05T09:46:29+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295936"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Python-Django in the django.contrib.auth.backends.ModelBackend.authenticate() method. This flaw allows remote attackers to enumerate users via a timing attack involving login requests for users with unusable passwords.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Username enumeration through timing difference for users with unusable passwords",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39329"
},
{
"category": "external",
"summary": "RHBZ#2295936",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295936"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39329",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39329"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39329",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39329"
}
],
"release_date": "2024-07-09T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "python-django: Username enumeration through timing difference for users with unusable passwords"
},
{
"cve": "CVE-2024-39330",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2024-07-05T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295937"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Python-Django in the Derived classes of the django.core.files.storage.Storage base class that overrides the generate_filename() without replicating the file path validations existing in the parent class. This flaw allows potential directory traversal via certain inputs when calling save(). Built-in Storage sub-classes were not affected by this vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential directory-traversal in django.core.files.storage.Storage.save()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39330"
},
{
"category": "external",
"summary": "RHBZ#2295937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295937"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39330",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39330"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39330",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39330"
}
],
"release_date": "2024-07-09T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "python-django: Potential directory-traversal in django.core.files.storage.Storage.save()"
},
{
"cve": "CVE-2024-39614",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"discovery_date": "2024-07-05T09:46:30+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295938"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Python-Django in the get_supported_language_variant() function. The issue triggers when parsed with very long strings, including a specific set of characters, leading to a potential denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential denial-of-service in django.utils.translation.get_supported_language_variant()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39614"
},
{
"category": "external",
"summary": "RHBZ#2295938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295938"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39614",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39614"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39614",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39614"
}
],
"release_date": "2024-07-09T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Potential denial-of-service in django.utils.translation.get_supported_language_variant()"
},
{
"cve": "CVE-2024-41989",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-08-02T01:40:06+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302433"
}
],
"notes": [
{
"category": "description",
"text": "A security issue was found in Django. If \u0027floatformat\u0027 received a string representation of a number in scientific notation with a large exponent, it could lead to significant memory consumption. To avoid this, decimals with more than 200 digits are now returned as is.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Memory exhaustion in django.utils.numberformat.floatformat()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is categorized as moderate severity rather than important because, while it has the potential to cause significant memory consumption under specific conditions, the likelihood of such a scenario occurring in typical applications is relatively low. The issue arises primarily when processing extremely large numbers in scientific notation, which is not a common use case in most Django applications. Additionally, the impact is localized to the floatformat function, and the issue does not expose sensitive data or compromise the integrity of the application.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41989"
},
{
"category": "external",
"summary": "RHBZ#2302433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302433"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41989"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41989",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41989"
}
],
"release_date": "2024-08-06T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Memory exhaustion in django.utils.numberformat.floatformat()"
},
{
"cve": "CVE-2024-41990",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"discovery_date": "2024-08-02T01:52:36+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302434"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Django. Processing very large inputs with a specific sequence of characters with the urlize and urlizetrunc functions can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41990"
},
{
"category": "external",
"summary": "RHBZ#2302434",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302434"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41990"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41990",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41990"
},
{
"category": "external",
"summary": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/",
"url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/"
}
],
"release_date": "2024-08-06T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Implementing input validation and limiting the the size of inputs to the urlize and urlizetrunc will mitigate this vulnerability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize()"
},
{
"cve": "CVE-2024-41991",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-08-02T02:03:22+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Django. \u0027urlize\u0027, \u0027urlizetrunc\u0027, and \u0027AdminURLFieldWidget\u0027 may be subject to a denial of service attack via certain inputs with a very large number of Unicode characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The identified vulnerability in Django\u0027s urlize, urlizetrunc template filters, and the AdminURLFieldWidget widget is classified as moderate severity rather than important due to its specific attack vector and impact. While the flaw allows for a potential denial-of-service (DoS) attack via inputs with a large number of Unicode characters, exploiting this vulnerability requires a significant volume of data to be processed by these components, which is a non-trivial task. Additionally, standard mitigation measures such as input validation, rate limiting, and monitoring can effectively reduce the risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41991"
},
{
"category": "external",
"summary": "RHBZ#2302435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41991",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41991"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41991",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41991"
},
{
"category": "external",
"summary": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/",
"url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/"
}
],
"release_date": "2024-08-06T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget"
},
{
"cve": "CVE-2024-42005",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2024-08-02T02:08:30+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302436"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Django. The QuerySet.values() and QuerySet.values_list() methods on models with a JSONField were subject to SQL injection in column aliases via a crafted JSON object key as a passed *arg.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential SQL injection in QuerySet.values() and values_list()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered of moderate severity rather than high or critical because it requires specific conditions to be exploitable. The potential for SQL injection exists only when QuerySet.values() or values_list() methods are used on models with a JSONField, and an attacker must have control over the JSON object keys passed as arguments. In typical use cases, these methods are often used with predefined or controlled data, limiting the attack surface. Furthermore, the impact is constrained to the manipulation of column aliases, rather than direct injection into more critical parts of the SQL query, reducing the overall risk compared to more direct forms of SQL injection vulnerabilities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-42005"
},
{
"category": "external",
"summary": "RHBZ#2302436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302436"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-42005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42005"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42005",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42005"
},
{
"category": "external",
"summary": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/",
"url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/"
}
],
"release_date": "2024-08-06T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Potential SQL injection in QuerySet.values() and values_list()"
}
]
}
ghsa-jh75-99hh-qvx9
Vulnerability from github
Published
2024-08-07 15:30
Modified
2024-08-07 19:01
Severity
5.3 (Medium) - CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
6.9 (Medium) - CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
6.9 (Medium) - CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Summary
Django memory consumption vulnerability
Details
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "Django"
},
"ranges": [
{
"events": [
{
"introduced": "5.0"
},
{
"fixed": "5.0.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "Django"
},
"ranges": [
{
"events": [
{
"introduced": "4.2"
},
{
"fixed": "4.2.15"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-41989"
],
"database_specific": {
"cwe_ids": [
"CWE-400"
],
"github_reviewed": true,
"github_reviewed_at": "2024-08-07T19:01:44Z",
"nvd_published_at": "2024-08-07T15:15:56Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent.",
"id": "GHSA-jh75-99hh-qvx9",
"modified": "2024-08-07T19:01:44Z",
"published": "2024-08-07T15:30:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41989"
},
{
"type": "WEB",
"url": "https://github.com/django/django/commit/27900fe56f3d3cabb4aeb6ccb82f92bab29073a8"
},
{
"type": "WEB",
"url": "https://github.com/django/django/commit/fc76660f589ac07e45e9cd34ccb8087aeb11904b"
},
{
"type": "WEB",
"url": "https://docs.djangoproject.com/en/dev/releases/security"
},
{
"type": "PACKAGE",
"url": "https://github.com/django/django"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-67.yaml"
},
{
"type": "WEB",
"url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Django memory consumption vulnerability"
}
Loading...