Action not permitted
Modal body text goes here.
cve-2024-41991
Vulnerability from cvelistv5
Published
2024-08-07 00:00
Modified
2024-08-12 15:56
Severity ?
EPSS score ?
Summary
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://docs.djangoproject.com/en/dev/releases/security/ | Patch, Vendor Advisory | |
| cve@mitre.org | https://groups.google.com/forum/#%21forum/django-announce | Not Applicable | |
| cve@mitre.org | https://www.djangoproject.com/weblog/2024/aug/06/security-releases/ | Vendor Advisory |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "django",
"vendor": "djangoproject",
"versions": [
{
"lessThan": "4.2.15",
"status": "affected",
"version": "4.2",
"versionType": "custom"
},
{
"lessThan": "5.0.8",
"status": "affected",
"version": "5.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-41991",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-07T17:57:11.874865Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-130",
"description": "CWE-130 Improper Handling of Length Parameter Inconsistency",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T15:56:42.887Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T14:13:02.341557",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://docs.djangoproject.com/en/dev/releases/security/"
},
{
"url": "https://groups.google.com/forum/#%21forum/django-announce"
},
{
"url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-41991",
"datePublished": "2024-08-07T00:00:00",
"dateReserved": "2024-07-25T00:00:00",
"dateUpdated": "2024-08-12T15:56:42.887Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-41991\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2024-08-07T15:15:56.160\",\"lastModified\":\"2024-08-07T20:48:22.403\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1284\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-130\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.2\",\"versionEndExcluding\":\"4.2.15\",\"matchCriteriaId\":\"7C38224F-C41B-428C-89C2-603BBA95AD3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0\",\"versionEndExcluding\":\"5.0.8\",\"matchCriteriaId\":\"3384B57C-DBF5-4E23-99E7-92B260D53E8E\"}]}]}],\"references\":[{\"url\":\"https://docs.djangoproject.com/en/dev/releases/security/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://groups.google.com/forum/#%21forum/django-announce\",\"source\":\"cve@mitre.org\",\"tags\":[\"Not Applicable\"]},{\"url\":\"https://www.djangoproject.com/weblog/2024/aug/06/security-releases/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
pysec-2024-69
Vulnerability from pysec
Published
2024-08-07 15:15
Modified
2024-08-07 17:22
Details
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.
Aliases
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "django",
"purl": "pkg:pypi/django"
},
"ranges": [
{
"events": [
{
"introduced": "5.0"
},
{
"fixed": "5.0.8"
},
{
"introduced": "4.2"
},
{
"fixed": "4.2.15"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.2",
"4.2.1",
"4.2.10",
"4.2.11",
"4.2.12",
"4.2.13",
"4.2.14",
"4.2.2",
"4.2.3",
"4.2.4",
"4.2.5",
"4.2.6",
"4.2.7",
"4.2.8",
"4.2.9",
"5.0",
"5.0.1",
"5.0.2",
"5.0.3",
"5.0.4",
"5.0.5",
"5.0.6",
"5.0.7"
]
}
],
"aliases": [
"CVE-2024-41991"
],
"details": "An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.",
"id": "PYSEC-2024-69",
"modified": "2024-08-07T17:22:10.745844+00:00",
"published": "2024-08-07T15:15:00+00:00",
"references": [
{
"type": "WEB",
"url": "https://docs.djangoproject.com/en/dev/releases/security/"
},
{
"type": "WEB",
"url": "https://groups.google.com/forum/#%21forum/django-announce"
},
{
"type": "ARTICLE",
"url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/"
}
]
}
rhsa-2024_7987
Vulnerability from csaf_redhat
Published
2024-10-10 20:31
Modified
2024-11-15 21:26
Summary
Red Hat Security Advisory: Satellite 6.15.4 Security Update
Notes
Topic
An update is now available for Red Hat Satellite 6.15 for RHEL 8.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from the
CVE link(s) in the References section.
Details
Red Hat Satellite is a system management solution that allows organizations
to configure and maintain their systems without the necessity to provide
public Internet access to their servers or other client systems. It
performs provisioning and configuration management of predefined standard
operating environments.
Security Fix(es):
* python-gunicorn: HTTP Request Smuggling due to improper validation of Transfer-Encoding headers (CVE-2024-1135)
* golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (CVE-2024-24790)
* python-cryptography: NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override (CVE-2024-26130)
* python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget (CVE-2024-41991)
Users of Red Hat Satellite are advised to upgrade to these updated
packages, which fix these bugs.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Satellite 6.15 for RHEL 8.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from the\nCVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Satellite is a system management solution that allows organizations\nto configure and maintain their systems without the necessity to provide\npublic Internet access to their servers or other client systems. It\nperforms provisioning and configuration management of predefined standard\noperating environments.\nSecurity Fix(es):\n\n* python-gunicorn: HTTP Request Smuggling due to improper validation of Transfer-Encoding headers (CVE-2024-1135)\n* golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (CVE-2024-24790)\n* python-cryptography: NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override (CVE-2024-26130)\n* python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget (CVE-2024-41991)\n\nUsers of Red Hat Satellite are advised to upgrade to these updated\npackages, which fix these bugs.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:7987",
"url": "https://access.redhat.com/errata/RHSA-2024:7987"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.15/html/updating_red_hat_satellite/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.15/html/updating_red_hat_satellite/index"
},
{
"category": "external",
"summary": "2269617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269617"
},
{
"category": "external",
"summary": "2275280",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275280"
},
{
"category": "external",
"summary": "2292787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292787"
},
{
"category": "external",
"summary": "2302435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302435"
},
{
"category": "external",
"summary": "SAT-25848",
"url": "https://issues.redhat.com/browse/SAT-25848"
},
{
"category": "external",
"summary": "SAT-27294",
"url": "https://issues.redhat.com/browse/SAT-27294"
},
{
"category": "external",
"summary": "SAT-27295",
"url": "https://issues.redhat.com/browse/SAT-27295"
},
{
"category": "external",
"summary": "SAT-27296",
"url": "https://issues.redhat.com/browse/SAT-27296"
},
{
"category": "external",
"summary": "SAT-27299",
"url": "https://issues.redhat.com/browse/SAT-27299"
},
{
"category": "external",
"summary": "SAT-27950",
"url": "https://issues.redhat.com/browse/SAT-27950"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7987.json"
}
],
"title": "Red Hat Security Advisory: Satellite 6.15.4 Security Update",
"tracking": {
"current_release_date": "2024-11-15T21:26:43+00:00",
"generator": {
"date": "2024-11-15T21:26:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2024:7987",
"initial_release_date": "2024-10-10T20:31:33+00:00",
"revision_history": [
{
"date": "2024-10-10T20:31:33+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-10T20:31:33+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-15T21:26:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 6.15 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.15::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.15 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_capsule:6.15::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.15 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_utils:6.15::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite 6"
},
{
"branches": [
{
"category": "product_version",
"name": "foreman-0:3.9.1.10-1.el8sat.src",
"product": {
"name": "foreman-0:3.9.1.10-1.el8sat.src",
"product_id": "foreman-0:3.9.1.10-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.9.1.10-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.9.3.5-1.el8sat.src",
"product": {
"name": "foreman-installer-1:3.9.3.5-1.el8sat.src",
"product_id": "foreman-installer-1:3.9.3.5-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.9.3.5-1.el8sat?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-cryptography-0:42.0.8-1.el8pc.src",
"product": {
"name": "python-cryptography-0:42.0.8-1.el8pc.src",
"product_id": "python-cryptography-0:42.0.8-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-cryptography@42.0.8-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-django-0:4.2.15-1.el8pc.src",
"product": {
"name": "python-django-0:4.2.15-1.el8pc.src",
"product_id": "python-django-0:4.2.15-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-django@4.2.15-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-gunicorn-0:22.0.0-1.el8pc.src",
"product": {
"name": "python-gunicorn-0:22.0.0-1.el8pc.src",
"product_id": "python-gunicorn-0:22.0.0-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-gunicorn@22.0.0-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulp-certguard-0:1.7.2-1.el8pc.src",
"product": {
"name": "python-pulp-certguard-0:1.7.2-1.el8pc.src",
"product_id": "python-pulp-certguard-0:1.7.2-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulp-certguard@1.7.2-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulpcore-0:3.39.21-1.el8pc.src",
"product": {
"name": "python-pulpcore-0:3.39.21-1.el8pc.src",
"product_id": "python-pulpcore-0:3.39.21-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulpcore@3.39.21-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"product": {
"name": "python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"product_id": "python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pyOpenSSL@24.1.0-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src",
"product": {
"name": "rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src",
"product_id": "rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_rh_cloud@9.0.58-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src",
"product": {
"name": "rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src",
"product_id": "rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_theme_satellite@13.3.0-0.1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"product": {
"name": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"product_id": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-hammer_cli_foreman_tasks@0.0.21-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.11.0.17-1.el8sat.src",
"product": {
"name": "rubygem-katello-0:4.11.0.17-1.el8sat.src",
"product_id": "rubygem-katello-0:4.11.0.17-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.11.0.17-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.15.4-2.el8sat.src",
"product": {
"name": "satellite-0:6.15.4-2.el8sat.src",
"product_id": "satellite-0:6.15.4-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.15.4-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src",
"product": {
"name": "yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src",
"product_id": "yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/yggdrasil-worker-forwarder@0.0.3-2.el8sat?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "foreman-0:3.9.1.10-1.el8sat.noarch",
"product": {
"name": "foreman-0:3.9.1.10-1.el8sat.noarch",
"product_id": "foreman-0:3.9.1.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.9.1.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"product": {
"name": "foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"product_id": "foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-cli@3.9.1.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"product": {
"name": "foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"product_id": "foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-debug@3.9.1.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"product": {
"name": "foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"product_id": "foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.9.1.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"product": {
"name": "foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"product_id": "foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ec2@3.9.1.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"product": {
"name": "foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"product_id": "foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-journald@3.9.1.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"product": {
"name": "foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"product_id": "foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-libvirt@3.9.1.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"product": {
"name": "foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"product_id": "foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-openstack@3.9.1.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"product": {
"name": "foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"product_id": "foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ovirt@3.9.1.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"product": {
"name": "foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"product_id": "foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-pcp@3.9.1.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"product": {
"name": "foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"product_id": "foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-postgresql@3.9.1.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"product": {
"name": "foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"product_id": "foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-redis@3.9.1.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-service-0:3.9.1.10-1.el8sat.noarch",
"product": {
"name": "foreman-service-0:3.9.1.10-1.el8sat.noarch",
"product_id": "foreman-service-0:3.9.1.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-service@3.9.1.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"product": {
"name": "foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"product_id": "foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-telemetry@3.9.1.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"product": {
"name": "foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"product_id": "foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-vmware@3.9.1.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"product": {
"name": "foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"product_id": "foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.9.3.5-1.el8sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"product": {
"name": "foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"product_id": "foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer-katello@3.9.3.5-1.el8sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-0:4.2.15-1.el8pc.noarch",
"product": {
"name": "python3.11-django-0:4.2.15-1.el8pc.noarch",
"product_id": "python3.11-django-0:4.2.15-1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django@4.2.15-1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"product": {
"name": "python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"product_id": "python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-gunicorn@22.0.0-1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"product": {
"name": "python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"product_id": "python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-pulp-certguard@1.7.2-1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"product": {
"name": "python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"product_id": "python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-pulpcore@3.39.21-1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"product": {
"name": "python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"product_id": "python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-pyOpenSSL@24.1.0-1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch",
"product": {
"name": "rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch",
"product_id": "rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_rh_cloud@9.0.58-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch",
"product": {
"name": "rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch",
"product_id": "rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_theme_satellite@13.3.0-0.1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"product": {
"name": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"product_id": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-hammer_cli_foreman_tasks@0.0.21-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.11.0.17-1.el8sat.noarch",
"product": {
"name": "rubygem-katello-0:4.11.0.17-1.el8sat.noarch",
"product_id": "rubygem-katello-0:4.11.0.17-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.11.0.17-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.15.4-2.el8sat.noarch",
"product": {
"name": "satellite-0:6.15.4-2.el8sat.noarch",
"product_id": "satellite-0:6.15.4-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.15.4-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-cli-0:6.15.4-2.el8sat.noarch",
"product": {
"name": "satellite-cli-0:6.15.4-2.el8sat.noarch",
"product_id": "satellite-cli-0:6.15.4-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-cli@6.15.4-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-common-0:6.15.4-2.el8sat.noarch",
"product": {
"name": "satellite-common-0:6.15.4-2.el8sat.noarch",
"product_id": "satellite-common-0:6.15.4-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-common@6.15.4-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-capsule-0:6.15.4-2.el8sat.noarch",
"product": {
"name": "satellite-capsule-0:6.15.4-2.el8sat.noarch",
"product_id": "satellite-capsule-0:6.15.4-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-capsule@6.15.4-2.el8sat?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"product": {
"name": "python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"product_id": "python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-cryptography@42.0.8-1.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"product": {
"name": "python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"product_id": "python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-cryptography-debugsource@42.0.8-1.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"product": {
"name": "python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"product_id": "python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-cryptography-debuginfo@42.0.8-1.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64",
"product": {
"name": "yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64",
"product_id": "yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/yggdrasil-worker-forwarder@0.0.3-2.el8sat?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.9.1.10-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.src"
},
"product_reference": "foreman-0:3.9.1.10-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.9.3.5-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.noarch"
},
"product_reference": "foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.9.3.5-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.src"
},
"product_reference": "foreman-installer-1:3.9.3.5-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-cryptography-0:42.0.8-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src"
},
"product_reference": "python-cryptography-0:42.0.8-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64"
},
"product_reference": "python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-django-0:4.2.15-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src"
},
"product_reference": "python-django-0:4.2.15-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-gunicorn-0:22.0.0-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src"
},
"product_reference": "python-gunicorn-0:22.0.0-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-certguard-0:1.7.2-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python-pulp-certguard-0:1.7.2-1.el8pc.src"
},
"product_reference": "python-pulp-certguard-0:1.7.2-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulpcore-0:3.39.21-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python-pulpcore-0:3.39.21-1.el8pc.src"
},
"product_reference": "python-pulpcore-0:3.39.21-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pyOpenSSL-0:24.1.0-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python-pyOpenSSL-0:24.1.0-1.el8pc.src"
},
"product_reference": "python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-cryptography-0:42.0.8-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64"
},
"product_reference": "python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64"
},
"product_reference": "python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-0:4.2.15-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch"
},
"product_reference": "python3.11-django-0:4.2.15-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-gunicorn-0:22.0.0-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch"
},
"product_reference": "python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch"
},
"product_reference": "python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pulpcore-0:3.39.21-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch"
},
"product_reference": "python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch"
},
"product_reference": "python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.15.4-2.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.noarch"
},
"product_reference": "satellite-0:6.15.4-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.15.4-2.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.src"
},
"product_reference": "satellite-0:6.15.4-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.15.4-2.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.4-2.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.15.4-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.15.4-2.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:satellite-cli-0:6.15.4-2.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.15.4-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.15.4-2.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:satellite-common-0:6.15.4-2.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.15.4-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.9.1.10-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.src"
},
"product_reference": "foreman-0:3.9.1.10-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-service-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch"
},
"product_reference": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src"
},
"product_reference": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.15.4-2.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.noarch"
},
"product_reference": "satellite-0:6.15.4-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.15.4-2.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.src"
},
"product_reference": "satellite-0:6.15.4-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.15.4-2.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:satellite-capsule-0:6.15.4-2.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.15.4-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.15.4-2.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:satellite-cli-0:6.15.4-2.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.15.4-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.15.4-2.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:satellite-common-0:6.15.4-2.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.15.4-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.9.1.10-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.src"
},
"product_reference": "foreman-0:3.9.1.10-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-cli-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-debug-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-ec2-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.9.3.5-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.noarch"
},
"product_reference": "foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.9.3.5-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.src"
},
"product_reference": "foreman-installer-1:3.9.3.5-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-journald-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-openstack-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-pcp-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-redis-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-service-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.9.1.10-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-vmware-0:3.9.1.10-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-cryptography-0:42.0.8-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src"
},
"product_reference": "python-cryptography-0:42.0.8-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64"
},
"product_reference": "python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-django-0:4.2.15-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src"
},
"product_reference": "python-django-0:4.2.15-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-gunicorn-0:22.0.0-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src"
},
"product_reference": "python-gunicorn-0:22.0.0-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-certguard-0:1.7.2-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python-pulp-certguard-0:1.7.2-1.el8pc.src"
},
"product_reference": "python-pulp-certguard-0:1.7.2-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulpcore-0:3.39.21-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python-pulpcore-0:3.39.21-1.el8pc.src"
},
"product_reference": "python-pulpcore-0:3.39.21-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pyOpenSSL-0:24.1.0-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python-pyOpenSSL-0:24.1.0-1.el8pc.src"
},
"product_reference": "python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-cryptography-0:42.0.8-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64"
},
"product_reference": "python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64"
},
"product_reference": "python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-0:4.2.15-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch"
},
"product_reference": "python3.11-django-0:4.2.15-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-gunicorn-0:22.0.0-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch"
},
"product_reference": "python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch"
},
"product_reference": "python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pulpcore-0:3.39.21-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch"
},
"product_reference": "python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch"
},
"product_reference": "python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch"
},
"product_reference": "rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src"
},
"product_reference": "rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch"
},
"product_reference": "rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src"
},
"product_reference": "rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch"
},
"product_reference": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src"
},
"product_reference": "rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.11.0.17-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.noarch"
},
"product_reference": "rubygem-katello-0:4.11.0.17-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.11.0.17-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.src"
},
"product_reference": "rubygem-katello-0:4.11.0.17-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.15.4-2.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.noarch"
},
"product_reference": "satellite-0:6.15.4-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.15.4-2.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.src"
},
"product_reference": "satellite-0:6.15.4-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.15.4-2.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:satellite-capsule-0:6.15.4-2.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.15.4-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.15.4-2.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:satellite-cli-0:6.15.4-2.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.15.4-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.15.4-2.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:satellite-common-0:6.15.4-2.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.15.4-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src"
},
"product_reference": "yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64"
},
"product_reference": "yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-1135",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2024-04-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-certguard-0:1.7.2-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulpcore-0:3.39.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src",
"8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-certguard-0:1.7.2-1.el8pc.src",
"8Base-satellite-6.15:python-pulpcore-0:3.39.21-1.el8pc.src",
"8Base-satellite-6.15:python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src",
"8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src",
"8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2275280"
}
],
"notes": [
{
"category": "description",
"text": "An HTTP Request Smuggling vulnerability was found in Gunicorn. By crafting requests with conflicting Transfer-Encoding headers, attackers can bypass security restrictions and access restricted endpoints. This issue is due to Gunicorn\u0027s handling of Transfer-Encoding headers, where it incorrectly processes requests with multiple, conflicting Transfer-Encoding headers, treating them as chunked regardless of the final encoding specified. This vulnerability allows for a range of attacks, including cache poisoning, session manipulation, and data exposure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-gunicorn: HTTP Request Smuggling due to improper validation of Transfer-Encoding headers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src",
"8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch"
],
"known_not_affected": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-certguard-0:1.7.2-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulpcore-0:3.39.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src",
"8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-certguard-0:1.7.2-1.el8pc.src",
"8Base-satellite-6.15:python-pulpcore-0:3.39.21-1.el8pc.src",
"8Base-satellite-6.15:python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src",
"8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src",
"8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-1135"
},
{
"category": "external",
"summary": "RHBZ#2275280",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275280"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-1135",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1135"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-1135",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1135"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-w3h3-4rj7-4ph4",
"url": "https://github.com/advisories/GHSA-w3h3-4rj7-4ph4"
},
{
"category": "external",
"summary": "https://github.com/benoitc/gunicorn/commit/ac29c9b0a758d21f1e0fb3b3457239e523fa9f1d",
"url": "https://github.com/benoitc/gunicorn/commit/ac29c9b0a758d21f1e0fb3b3457239e523fa9f1d"
},
{
"category": "external",
"summary": "https://huntr.com/bounties/22158e34-cfd5-41ad-97e0-a780773d96c1",
"url": "https://huntr.com/bounties/22158e34-cfd5-41ad-97e0-a780773d96c1"
}
],
"release_date": "2024-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-10T20:31:33+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.15/html/updating_red_hat_satellite/index",
"product_ids": [
"8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src",
"8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7987"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-certguard-0:1.7.2-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulpcore-0:3.39.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src",
"8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src",
"8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-certguard-0:1.7.2-1.el8pc.src",
"8Base-satellite-6.15:python-pulpcore-0:3.39.21-1.el8pc.src",
"8Base-satellite-6.15:python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src",
"8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src",
"8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src",
"8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-gunicorn: HTTP Request Smuggling due to improper validation of Transfer-Encoding headers"
},
{
"cve": "CVE-2024-24790",
"cwe": {
"id": "CWE-115",
"name": "Misinterpretation of Input"
},
"discovery_date": "2024-06-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-certguard-0:1.7.2-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulpcore-0:3.39.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src",
"8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src",
"8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-certguard-0:1.7.2-1.el8pc.src",
"8Base-satellite-6.15:python-pulpcore-0:3.39.21-1.el8pc.src",
"8Base-satellite-6.15:python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src",
"8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.4-2.el8sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2292787"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go language standard library net/netip. The method Is*() (IsPrivate(), IsPublic(), etc) doesn\u0027t behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to control access to resources or data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE has been marked as moderate as for our products a network-based attack vector is simply impossible when it comes to golang code,apart from that as per CVE flaw analysis reported by golang, this only affects integrity and confidentiality and has no effect on availability, hence CVSS has been marked as such.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src",
"8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-certguard-0:1.7.2-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulpcore-0:3.39.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src",
"8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src",
"8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-certguard-0:1.7.2-1.el8pc.src",
"8Base-satellite-6.15:python-pulpcore-0:3.39.21-1.el8pc.src",
"8Base-satellite-6.15:python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src",
"8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.4-2.el8sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24790"
},
{
"category": "external",
"summary": "RHBZ#2292787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292787"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-10T20:31:33+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.15/html/updating_red_hat_satellite/index",
"product_ids": [
"8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src",
"8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7987"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-certguard-0:1.7.2-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulpcore-0:3.39.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src",
"8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src",
"8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-certguard-0:1.7.2-1.el8pc.src",
"8Base-satellite-6.15:python-pulpcore-0:3.39.21-1.el8pc.src",
"8Base-satellite-6.15:python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src",
"8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src",
"8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src",
"8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses"
},
{
"cve": "CVE-2024-26130",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2024-03-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-certguard-0:1.7.2-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulpcore-0:3.39.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src",
"8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-certguard-0:1.7.2-1.el8pc.src",
"8Base-satellite-6.15:python-pulpcore-0:3.39.21-1.el8pc.src",
"8Base-satellite-6.15:python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src",
"8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src",
"8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2269617"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in python-cryptography. A NULL pointer dereference can be triggered when a PKCS#12 key and certificate do not match. Specifically, if the pkcs12.serialize_key_and_certificates function is called with a non-matching certificate and private key and an encryption algorithm with hmac_hash set, the Python process may crash, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-cryptography: NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in python-cryptography that leads to a NULL pointer dereference during the pkcs12.serialize_key_and_certificates function execution is classified as a moderate severity issue. While the vulnerability can result in a denial-of-service (DoS) by crashing the Python process, it requires specific conditions to trigger: a mismatch between the provided certificate\u0027s public key and private key, coupled with the use of an encryption algorithm with hmac_hash set.\n\nThe exploitation of this vulnerability does not directly lead to arbitrary code execution or data leakage. Instead, it causes a controlled termination of the Python process, which, although disruptive, is not as critical as other vulnerabilities that can lead to unauthorized access, data corruption, or code injection. However, it\u0027s important to note that denial-of-service conditions can still have operational impacts, disrupting services or causing system instability.\n\nThis issue does not affect Red Hat Enterprise Linux 6, 7, 8 and 9 as we dont ship the vulnerable code and package version.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src",
"8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src"
],
"known_not_affected": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-certguard-0:1.7.2-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulpcore-0:3.39.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src",
"8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-certguard-0:1.7.2-1.el8pc.src",
"8Base-satellite-6.15:python-pulpcore-0:3.39.21-1.el8pc.src",
"8Base-satellite-6.15:python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src",
"8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src",
"8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-26130"
},
{
"category": "external",
"summary": "RHBZ#2269617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-26130",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26130"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26130",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26130"
}
],
"release_date": "2024-02-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-10T20:31:33+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.15/html/updating_red_hat_satellite/index",
"product_ids": [
"8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src",
"8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7987"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-certguard-0:1.7.2-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulpcore-0:3.39.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src",
"8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src",
"8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-certguard-0:1.7.2-1.el8pc.src",
"8Base-satellite-6.15:python-pulpcore-0:3.39.21-1.el8pc.src",
"8Base-satellite-6.15:python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src",
"8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src",
"8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src",
"8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-cryptography: NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override"
},
{
"cve": "CVE-2024-41991",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-08-02T02:03:22+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-certguard-0:1.7.2-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulpcore-0:3.39.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src",
"8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-certguard-0:1.7.2-1.el8pc.src",
"8Base-satellite-6.15:python-pulpcore-0:3.39.21-1.el8pc.src",
"8Base-satellite-6.15:python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src",
"8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src",
"8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Django. \u0027urlize\u0027, \u0027urlizetrunc\u0027, and \u0027AdminURLFieldWidget\u0027 may be subject to a denial of service attack via certain inputs with a very large number of Unicode characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The identified vulnerability in Django\u0027s urlize, urlizetrunc template filters, and the AdminURLFieldWidget widget is classified as moderate severity rather than important due to its specific attack vector and impact. While the flaw allows for a potential denial-of-service (DoS) attack via inputs with a large number of Unicode characters, exploiting this vulnerability requires a significant volume of data to be processed by these components, which is a non-trivial task. Additionally, standard mitigation measures such as input validation, rate limiting, and monitoring can effectively reduce the risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch",
"8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src",
"8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch"
],
"known_not_affected": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-certguard-0:1.7.2-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulpcore-0:3.39.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src",
"8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-certguard-0:1.7.2-1.el8pc.src",
"8Base-satellite-6.15:python-pulpcore-0:3.39.21-1.el8pc.src",
"8Base-satellite-6.15:python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src",
"8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src",
"8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41991"
},
{
"category": "external",
"summary": "RHBZ#2302435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41991",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41991"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41991",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41991"
},
{
"category": "external",
"summary": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/",
"url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/"
}
],
"release_date": "2024-08-06T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-10T20:31:33+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.15/html/updating_red_hat_satellite/index",
"product_ids": [
"8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch",
"8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src",
"8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7987"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.5-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:python-cryptography-0:42.0.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-gunicorn-0:22.0.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-certguard-0:1.7.2-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulpcore-0:3.39.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"8Base-satellite-6.15-utils:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.10-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.5-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.5-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.10-1.el8sat.noarch",
"8Base-satellite-6.15:python-cryptography-0:42.0.8-1.el8pc.src",
"8Base-satellite-6.15:python-cryptography-debugsource-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src",
"8Base-satellite-6.15:python-gunicorn-0:22.0.0-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-certguard-0:1.7.2-1.el8pc.src",
"8Base-satellite-6.15:python-pulpcore-0:3.39.21-1.el8pc.src",
"8Base-satellite-6.15:python-pyOpenSSL-0:24.1.0-1.el8pc.src",
"8Base-satellite-6.15:python3.11-cryptography-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-cryptography-debuginfo-0:42.0.8-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-gunicorn-0:22.0.0-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-certguard-0:1.7.2-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulpcore-0:3.39.21-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pyOpenSSL-0:24.1.0-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_rh_cloud-0:9.0.58-1.el8sat.src",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.3.0-0.1.el8sat.src",
"8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-hammer_cli_foreman_tasks-0:0.0.21-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.17-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.4-2.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.4-2.el8sat.noarch",
"8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.src",
"8Base-satellite-6.15:yggdrasil-worker-forwarder-0:0.0.3-2.el8sat.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.15-capsule:python-django-0:4.2.15-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.15-1.el8pc.noarch",
"8Base-satellite-6.15:python-django-0:4.2.15-1.el8pc.src",
"8Base-satellite-6.15:python3.11-django-0:4.2.15-1.el8pc.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget"
}
]
}
rhsa-2024_6428
Vulnerability from csaf_redhat
Published
2024-09-05 14:13
Modified
2024-11-21 21:13
Summary
Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update
Notes
Topic
An update is now available for Red Hat Ansible Automation Platform 2.4
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.
Security Fix(es):
* automation-controller: Django: Potential SQL injection in QuerySet.values() and values_list() (CVE-2024-42005)
* automation-controller: Django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget (CVE-2024-41991)
* automation-controller: Django: Potential denial-of-service vulnerability in django.utils.html.urlize() (CVE-2024-41990)
* automation-controller: python-jose: algorithm confusion with OpenSSH ECDSA keys and other key formats (CVE-2024-33663)
* automation-controller: python-social-auth: Improper Handling of Case Sensitivity in social-auth-app-django (CVE-2024-32879)
* automation-controller: Gain access to the k8s API server via job execution with Container Group (CVE-2024-6840)
* python3/python39-django: Potential SQL injection in QuerySet.values() and values_list() (CVE-2024-42005)
* python3/python39-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget (CVE-2024-41991)
* python3/python39-django: Potential denial-of-service vulnerability in django.utils.html.urlize() (CVE-2024-41990)
* python3/python39-django: Memory exhaustion in django.utils.numberformat.floatformat() (CVE-2024-41989)
* python3/python39-django: Potential denial-of-service in django.utils.translation.get_supported_language_variant() (CVE-2024-39614)
* python3/python39-django: Potential directory-traversal in django.core.files.storage.Storage.save() (CVE-2024-39330)
* python3/python39-django: Username enumeration through timing difference for users with unusable passwords (CVE-2024-39329)
* python3/python39-django: Potential denial-of-service in django.utils.html.urlize() (CVE-2024-38875)
* python3/python39-grpcio: client communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend (CVE-2024-7246)
* python3/python39-zipp: Denial of Service (infinite loop) via crafted zip file (CVE-2024-5569)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updates and fixes for automation controller:
* Updated the receptor to not automatically release the receptor work unit when "RECEPTOR_KEEP_WORK_ON_ERROR" is set to true (AAP-27635)
* Updated the Help link in the REST API to point to the latest API Reference documentation (AAP-27573)
* Fixed a timeout error in the UI when trying to load the Activity Stream (AAP-26772)
* automation-controller has been updated to 4.5.10
Updates and fixes for automation hub:
* API browser now correctly escapes JSON values (AAH-3272, AAP-14463)
* python3/python39-pulpcore has been updated to 3.28.31
* python3/python39-pulp-ansible has been updated to 0.20.8
Additional fixes:
* Gunicorn python package will no longer obsolete itself when checking for or applying updates (AAP-28364)
* python3/python39-django has been updated to 4.2.15
* python3/python39-grpcio has been updated to 1.58.3
* python3/python39-jmespath has been updated to 0.10.0-5
* python3/python39-zipp has been updated to 3.19.2
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Ansible Automation Platform 2.4\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.\n\nSecurity Fix(es):\n\n* automation-controller: Django: Potential SQL injection in QuerySet.values() and values_list() (CVE-2024-42005)\n* automation-controller: Django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget (CVE-2024-41991)\n* automation-controller: Django: Potential denial-of-service vulnerability in django.utils.html.urlize() (CVE-2024-41990)\n* automation-controller: python-jose: algorithm confusion with OpenSSH ECDSA keys and other key formats (CVE-2024-33663)\n* automation-controller: python-social-auth: Improper Handling of Case Sensitivity in social-auth-app-django (CVE-2024-32879)\n* automation-controller: Gain access to the k8s API server via job execution with Container Group (CVE-2024-6840)\n* python3/python39-django: Potential SQL injection in QuerySet.values() and values_list() (CVE-2024-42005)\n* python3/python39-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget (CVE-2024-41991)\n* python3/python39-django: Potential denial-of-service vulnerability in django.utils.html.urlize() (CVE-2024-41990)\n* python3/python39-django: Memory exhaustion in django.utils.numberformat.floatformat() (CVE-2024-41989)\n* python3/python39-django: Potential denial-of-service in django.utils.translation.get_supported_language_variant() (CVE-2024-39614)\n* python3/python39-django: Potential directory-traversal in django.core.files.storage.Storage.save() (CVE-2024-39330)\n* python3/python39-django: Username enumeration through timing difference for users with unusable passwords (CVE-2024-39329)\n* python3/python39-django: Potential denial-of-service in django.utils.html.urlize() (CVE-2024-38875)\n* python3/python39-grpcio: client communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend (CVE-2024-7246)\n* python3/python39-zipp: Denial of Service (infinite loop) via crafted zip file (CVE-2024-5569)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nUpdates and fixes for automation controller:\n* Updated the receptor to not automatically release the receptor work unit when \"RECEPTOR_KEEP_WORK_ON_ERROR\" is set to true (AAP-27635)\n* Updated the Help link in the REST API to point to the latest API Reference documentation (AAP-27573)\n* Fixed a timeout error in the UI when trying to load the Activity Stream (AAP-26772)\n* automation-controller has been updated to 4.5.10\n\nUpdates and fixes for automation hub:\n* API browser now correctly escapes JSON values (AAH-3272, AAP-14463)\n* python3/python39-pulpcore has been updated to 3.28.31\n* python3/python39-pulp-ansible has been updated to 0.20.8\n\nAdditional fixes:\n* Gunicorn python package will no longer obsolete itself when checking for or applying updates (AAP-28364)\n* python3/python39-django has been updated to 4.2.15\n* python3/python39-grpcio has been updated to 1.58.3\n* python3/python39-jmespath has been updated to 0.10.0-5\n* python3/python39-zipp has been updated to 3.19.2",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:6428",
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2277035",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277035"
},
{
"category": "external",
"summary": "2277297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277297"
},
{
"category": "external",
"summary": "2295935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295935"
},
{
"category": "external",
"summary": "2295936",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295936"
},
{
"category": "external",
"summary": "2295937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295937"
},
{
"category": "external",
"summary": "2295938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295938"
},
{
"category": "external",
"summary": "2296413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296413"
},
{
"category": "external",
"summary": "2298492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298492"
},
{
"category": "external",
"summary": "2302433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302433"
},
{
"category": "external",
"summary": "2302434",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302434"
},
{
"category": "external",
"summary": "2302435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302435"
},
{
"category": "external",
"summary": "2302436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302436"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_6428.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update",
"tracking": {
"current_release_date": "2024-11-21T21:13:03+00:00",
"generator": {
"date": "2024-11-21T21:13:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2024:6428",
"initial_release_date": "2024-09-05T14:13:20+00:00",
"revision_history": [
{
"date": "2024-09-05T14:13:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-09-05T14:13:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-21T21:13:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform:2.4::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform:2.4::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Ansible Automation Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "python-pulpcore-0:3.28.31-1.el9ap.src",
"product": {
"name": "python-pulpcore-0:3.28.31-1.el9ap.src",
"product_id": "python-pulpcore-0:3.28.31-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulpcore@3.28.31-1.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulp-ansible-1:0.20.8-1.el9ap.src",
"product": {
"name": "python-pulp-ansible-1:0.20.8-1.el9ap.src",
"product_id": "python-pulp-ansible-1:0.20.8-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulp-ansible@0.20.8-1.el9ap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-gunicorn-0:22.0.0-2.el9ap.src",
"product": {
"name": "python-gunicorn-0:22.0.0-2.el9ap.src",
"product_id": "python-gunicorn-0:22.0.0-2.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-gunicorn@22.0.0-2.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-django-0:4.2.15-1.el9ap.src",
"product": {
"name": "python-django-0:4.2.15-1.el9ap.src",
"product_id": "python-django-0:4.2.15-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-django@4.2.15-1.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-zipp-0:3.19.2-1.el9ap.src",
"product": {
"name": "python-zipp-0:3.19.2-1.el9ap.src",
"product_id": "python-zipp-0:3.19.2-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-zipp@3.19.2-1.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-grpcio-0:1.58.3-1.el9ap.src",
"product": {
"name": "python-grpcio-0:1.58.3-1.el9ap.src",
"product_id": "python-grpcio-0:1.58.3-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-grpcio@1.58.3-1.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el9ap.src",
"product": {
"name": "automation-controller-0:4.5.10-1.el9ap.src",
"product_id": "automation-controller-0:4.5.10-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-jmespath-0:0.10.0-5.el9ap.src",
"product": {
"name": "python-jmespath-0:0.10.0-5.el9ap.src",
"product_id": "python-jmespath-0:0.10.0-5.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-jmespath@0.10.0-5.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3x-pulpcore-0:3.28.31-1.el8ap.src",
"product": {
"name": "python3x-pulpcore-0:3.28.31-1.el8ap.src",
"product_id": "python3x-pulpcore-0:3.28.31-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-pulpcore@3.28.31-1.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"product": {
"name": "python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"product_id": "python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-pulp-ansible@0.20.8-1.el8ap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python3x-gunicorn-0:22.0.0-2.el8ap.src",
"product": {
"name": "python3x-gunicorn-0:22.0.0-2.el8ap.src",
"product_id": "python3x-gunicorn-0:22.0.0-2.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-gunicorn@22.0.0-2.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3x-django-0:4.2.15-1.el8ap.src",
"product": {
"name": "python3x-django-0:4.2.15-1.el8ap.src",
"product_id": "python3x-django-0:4.2.15-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-django@4.2.15-1.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3x-grpcio-0:1.58.3-1.el8ap.src",
"product": {
"name": "python3x-grpcio-0:1.58.3-1.el8ap.src",
"product_id": "python3x-grpcio-0:1.58.3-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-grpcio@1.58.3-1.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el8ap.src",
"product": {
"name": "automation-controller-0:4.5.10-1.el8ap.src",
"product_id": "automation-controller-0:4.5.10-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3x-jmespath-0:0.10.0-5.el8ap.src",
"product": {
"name": "python3x-jmespath-0:0.10.0-5.el8ap.src",
"product_id": "python3x-jmespath-0:0.10.0-5.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-jmespath@0.10.0-5.el8ap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"product": {
"name": "python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"product_id": "python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pulpcore@3.28.31-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"product": {
"name": "python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"product_id": "python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pulp-ansible@0.20.8-1.el9ap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"product": {
"name": "python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"product_id": "python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-gunicorn@22.0.0-2.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-django-0:4.2.15-1.el9ap.noarch",
"product": {
"name": "python3-django-0:4.2.15-1.el9ap.noarch",
"product_id": "python3-django-0:4.2.15-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-django@4.2.15-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-zipp-0:3.19.2-1.el9ap.noarch",
"product": {
"name": "python3-zipp-0:3.19.2-1.el9ap.noarch",
"product_id": "python3-zipp-0:3.19.2-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-zipp@3.19.2-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"product": {
"name": "automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"product_id": "automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-cli@4.5.10-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-server-0:4.5.10-1.el9ap.noarch",
"product": {
"name": "automation-controller-server-0:4.5.10-1.el9ap.noarch",
"product_id": "automation-controller-server-0:4.5.10-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-server@4.5.10-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"product": {
"name": "automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"product_id": "automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-ui@4.5.10-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-jmespath-0:0.10.0-5.el9ap.noarch",
"product": {
"name": "python3-jmespath-0:0.10.0-5.el9ap.noarch",
"product_id": "python3-jmespath-0:0.10.0-5.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-jmespath@0.10.0-5.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"product": {
"name": "python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"product_id": "python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-pulpcore@3.28.31-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"product": {
"name": "python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"product_id": "python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-pulp-ansible@0.20.8-1.el8ap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"product": {
"name": "python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"product_id": "python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-gunicorn@22.0.0-2.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-django-0:4.2.15-1.el8ap.noarch",
"product": {
"name": "python39-django-0:4.2.15-1.el8ap.noarch",
"product_id": "python39-django-0:4.2.15-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-django@4.2.15-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-zipp-0:3.19.2-1.el8ap.noarch",
"product": {
"name": "python39-zipp-0:3.19.2-1.el8ap.noarch",
"product_id": "python39-zipp-0:3.19.2-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-zipp@3.19.2-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"product": {
"name": "automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"product_id": "automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-cli@4.5.10-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-server-0:4.5.10-1.el8ap.noarch",
"product": {
"name": "automation-controller-server-0:4.5.10-1.el8ap.noarch",
"product_id": "automation-controller-server-0:4.5.10-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-server@4.5.10-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"product": {
"name": "automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"product_id": "automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-ui@4.5.10-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-jmespath-0:0.10.0-5.el8ap.noarch",
"product": {
"name": "python39-jmespath-0:0.10.0-5.el8ap.noarch",
"product_id": "python39-jmespath-0:0.10.0-5.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-jmespath@0.10.0-5.el8ap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"product": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"product_id": "python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio@1.58.3-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"product": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"product_id": "python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-grpcio-debugsource@1.58.3-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"product": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"product_id": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-debuginfo@1.58.3-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"product": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"product_id": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-tools-debuginfo@1.58.3-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el9ap.x86_64",
"product": {
"name": "automation-controller-0:4.5.10-1.el9ap.x86_64",
"product_id": "automation-controller-0:4.5.10-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"product": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"product_id": "python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio@1.58.3-1.el8ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"product": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"product_id": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-grpcio-debugsource@1.58.3-1.el8ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"product": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"product_id": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-debuginfo@1.58.3-1.el8ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"product": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"product_id": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-tools-debuginfo@1.58.3-1.el8ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el8ap.x86_64",
"product": {
"name": "automation-controller-0:4.5.10-1.el8ap.x86_64",
"product_id": "automation-controller-0:4.5.10-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el8ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el8ap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"product": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"product_id": "python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio@1.58.3-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"product": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"product_id": "python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-grpcio-debugsource@1.58.3-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"product": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"product_id": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-debuginfo@1.58.3-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"product": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"product_id": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-tools-debuginfo@1.58.3-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el9ap.ppc64le",
"product": {
"name": "automation-controller-0:4.5.10-1.el9ap.ppc64le",
"product_id": "automation-controller-0:4.5.10-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"product": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"product_id": "python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio@1.58.3-1.el8ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"product": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"product_id": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-grpcio-debugsource@1.58.3-1.el8ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"product": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"product_id": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-debuginfo@1.58.3-1.el8ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"product": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"product_id": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-tools-debuginfo@1.58.3-1.el8ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el8ap.ppc64le",
"product": {
"name": "automation-controller-0:4.5.10-1.el8ap.ppc64le",
"product_id": "automation-controller-0:4.5.10-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el8ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el8ap?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-grpcio-0:1.58.3-1.el9ap.s390x",
"product": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.s390x",
"product_id": "python3-grpcio-0:1.58.3-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio@1.58.3-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"product": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"product_id": "python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-grpcio-debugsource@1.58.3-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"product": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"product_id": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-debuginfo@1.58.3-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"product": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"product_id": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-tools-debuginfo@1.58.3-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el9ap.s390x",
"product": {
"name": "automation-controller-0:4.5.10-1.el9ap.s390x",
"product_id": "automation-controller-0:4.5.10-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-0:1.58.3-1.el8ap.s390x",
"product": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.s390x",
"product_id": "python39-grpcio-0:1.58.3-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio@1.58.3-1.el8ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"product": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"product_id": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-grpcio-debugsource@1.58.3-1.el8ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"product": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"product_id": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-debuginfo@1.58.3-1.el8ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"product": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"product_id": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-tools-debuginfo@1.58.3-1.el8ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el8ap.s390x",
"product": {
"name": "automation-controller-0:4.5.10-1.el8ap.s390x",
"product_id": "automation-controller-0:4.5.10-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el8ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el8ap?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"product": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"product_id": "python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio@1.58.3-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"product": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"product_id": "python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-grpcio-debugsource@1.58.3-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"product": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"product_id": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-debuginfo@1.58.3-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"product": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"product_id": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-tools-debuginfo@1.58.3-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el9ap.aarch64",
"product": {
"name": "automation-controller-0:4.5.10-1.el9ap.aarch64",
"product_id": "automation-controller-0:4.5.10-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"product": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"product_id": "python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio@1.58.3-1.el8ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"product": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"product_id": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-grpcio-debugsource@1.58.3-1.el8ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"product": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"product_id": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-debuginfo@1.58.3-1.el8ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"product": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"product_id": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-tools-debuginfo@1.58.3-1.el8ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el8ap.aarch64",
"product": {
"name": "automation-controller-0:4.5.10-1.el8ap.aarch64",
"product_id": "automation-controller-0:4.5.10-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el8ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el8ap?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-cli-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch"
},
"product_reference": "automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-server-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch"
},
"product_reference": "automation-controller-server-0:4.5.10-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-ui-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch"
},
"product_reference": "automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-zipp-0:3.19.2-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch"
},
"product_reference": "python39-zipp-0:3.19.2-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-zipp-0:3.19.2-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch"
},
"product_reference": "python39-zipp-0:3.19.2-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-cli-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch"
},
"product_reference": "automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-server-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch"
},
"product_reference": "automation-controller-server-0:4.5.10-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-ui-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch"
},
"product_reference": "automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-django-0:4.2.15-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch"
},
"product_reference": "python39-django-0:4.2.15-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64"
},
"product_reference": "python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le"
},
"product_reference": "python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x"
},
"product_reference": "python39-grpcio-0:1.58.3-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64"
},
"product_reference": "python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64"
},
"product_reference": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le"
},
"product_reference": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x"
},
"product_reference": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64"
},
"product_reference": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64"
},
"product_reference": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le"
},
"product_reference": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x"
},
"product_reference": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64"
},
"product_reference": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-gunicorn-0:22.0.0-2.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch"
},
"product_reference": "python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-jmespath-0:0.10.0-5.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch"
},
"product_reference": "python39-jmespath-0:0.10.0-5.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-ansible-1:0.20.8-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch"
},
"product_reference": "python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulpcore-0:3.28.31-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch"
},
"product_reference": "python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-zipp-0:3.19.2-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch"
},
"product_reference": "python39-zipp-0:3.19.2-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-django-0:4.2.15-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src"
},
"product_reference": "python3x-django-0:4.2.15-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-grpcio-0:1.58.3-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src"
},
"product_reference": "python3x-grpcio-0:1.58.3-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64"
},
"product_reference": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le"
},
"product_reference": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x"
},
"product_reference": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64"
},
"product_reference": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-gunicorn-0:22.0.0-2.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src"
},
"product_reference": "python3x-gunicorn-0:22.0.0-2.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-jmespath-0:0.10.0-5.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src"
},
"product_reference": "python3x-jmespath-0:0.10.0-5.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-pulp-ansible-1:0.20.8-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src"
},
"product_reference": "python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-pulpcore-0:3.28.31-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src"
},
"product_reference": "python3x-pulpcore-0:3.28.31-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-cli-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch"
},
"product_reference": "automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-server-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch"
},
"product_reference": "automation-controller-server-0:4.5.10-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-ui-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch"
},
"product_reference": "automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-zipp-0:3.19.2-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src"
},
"product_reference": "python-zipp-0:3.19.2-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-zipp-0:3.19.2-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch"
},
"product_reference": "python3-zipp-0:3.19.2-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-zipp-0:3.19.2-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src"
},
"product_reference": "python-zipp-0:3.19.2-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-zipp-0:3.19.2-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch"
},
"product_reference": "python3-zipp-0:3.19.2-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-cli-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch"
},
"product_reference": "automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-server-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch"
},
"product_reference": "automation-controller-server-0:4.5.10-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-ui-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch"
},
"product_reference": "automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-django-0:4.2.15-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src"
},
"product_reference": "python-django-0:4.2.15-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-grpcio-0:1.58.3-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src"
},
"product_reference": "python-grpcio-0:1.58.3-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64"
},
"product_reference": "python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le"
},
"product_reference": "python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x"
},
"product_reference": "python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64"
},
"product_reference": "python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-gunicorn-0:22.0.0-2.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src"
},
"product_reference": "python-gunicorn-0:22.0.0-2.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-jmespath-0:0.10.0-5.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src"
},
"product_reference": "python-jmespath-0:0.10.0-5.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-ansible-1:0.20.8-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src"
},
"product_reference": "python-pulp-ansible-1:0.20.8-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulpcore-0:3.28.31-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src"
},
"product_reference": "python-pulpcore-0:3.28.31-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-zipp-0:3.19.2-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src"
},
"product_reference": "python-zipp-0:3.19.2-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-django-0:4.2.15-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
},
"product_reference": "python3-django-0:4.2.15-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64"
},
"product_reference": "python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le"
},
"product_reference": "python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x"
},
"product_reference": "python3-grpcio-0:1.58.3-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64"
},
"product_reference": "python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64"
},
"product_reference": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le"
},
"product_reference": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x"
},
"product_reference": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64"
},
"product_reference": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64"
},
"product_reference": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le"
},
"product_reference": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x"
},
"product_reference": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64"
},
"product_reference": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-gunicorn-0:22.0.0-2.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch"
},
"product_reference": "python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-jmespath-0:0.10.0-5.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch"
},
"product_reference": "python3-jmespath-0:0.10.0-5.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pulp-ansible-1:0.20.8-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch"
},
"product_reference": "python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pulpcore-0:3.28.31-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch"
},
"product_reference": "python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-zipp-0:3.19.2-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
},
"product_reference": "python3-zipp-0:3.19.2-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-5569",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-07-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2296413"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jaraco/zipp. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jaraco/zipp: Denial of Service (infinite loop) via crafted zip file in jaraco/zipp",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-5569"
},
{
"category": "external",
"summary": "RHBZ#2296413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-5569",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5569"
},
{
"category": "external",
"summary": "https://github.com/jaraco/zipp/commit/fd604bd34f0343472521a36da1fbd22e793e14fd",
"url": "https://github.com/jaraco/zipp/commit/fd604bd34f0343472521a36da1fbd22e793e14fd"
},
{
"category": "external",
"summary": "https://huntr.com/bounties/be898306-11f9-46b4-b28c-f4c4aa4ffbae",
"url": "https://huntr.com/bounties/be898306-11f9-46b4-b28c-f4c4aa4ffbae"
}
],
"release_date": "2024-07-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-05T14:13:20+00:00",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/jaraco/zipp: Denial of Service (infinite loop) via crafted zip file in jaraco/zipp"
},
{
"cve": "CVE-2024-6840",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2024-07-17T18:01:46+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298492"
}
],
"notes": [
{
"category": "description",
"text": "An improper authorization flaw exists in the Ansible Automation Controller. This flaw allows an attacker using the k8S API server to send an HTTP request with a service account token mounted via `automountServiceAccountToken: true`, resulting in privilege escalation to a service account.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "automation-controller: Gain access to the k8s API server via job execution with Container Group",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-6840"
},
{
"category": "external",
"summary": "RHBZ#2298492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298492"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-6840",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6840"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-6840",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6840"
}
],
"release_date": "2024-09-05T09:09:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-05T14:13:20+00:00",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "automation-controller: Gain access to the k8s API server via job execution with Container Group"
},
{
"cve": "CVE-2024-7246",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"discovery_date": "2024-08-06T11:20:24.557753+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2303104"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Google gRPC due to HPACK table poisoning between the proxy and backend so that other clients see failed requests, resulting in a denial of service. This occurs because the error status for a misencoded header is not cleared between header reads, resulting in subsequent (incrementally indexed) added headers in the first request being poisoned until cleared from the HPACK table. By sending a specially crafted request, an attacker could leak other clients HTTP header keys. Attackers are only able to access HTTP header keys but not values.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "grpc: client communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is specific to C++ implementations of gRPC release and does not affect Golang or Java implementations of gRPC.\n\nThe gRPC RPM was packaged with Openshift via the Kuryr component. However, Kuryr was never configured to run code using the gRPC library, hence, grpcio dependency has been removed from Kuryr since Openshift-4.12.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-7246"
},
{
"category": "external",
"summary": "RHBZ#2303104",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303104"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-7246",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7246"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-7246",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7246"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc/issues/36245",
"url": "https://github.com/grpc/grpc/issues/36245"
}
],
"release_date": "2024-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-05T14:13:20+00:00",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "grpc: client communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend"
},
{
"cve": "CVE-2024-32879",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2024-04-25T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2277035"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in social-auth-app-django. In affected versions of this package, due to default case-insensitive collation in MySQL or MariaDB databases, third-party authentication user IDs are not case-sensitive and could cause different IDs to match.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-social-auth: Improper Handling of Case Sensitivity in social-auth-app-django",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-32879"
},
{
"category": "external",
"summary": "RHBZ#2277035",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277035"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-32879",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32879"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-32879",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32879"
},
{
"category": "external",
"summary": "https://github.com/python-social-auth/social-app-django/security/advisories/GHSA-2gr8-3wc7-xhj3",
"url": "https://github.com/python-social-auth/social-app-django/security/advisories/GHSA-2gr8-3wc7-xhj3"
}
],
"release_date": "2024-04-24T06:57:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-05T14:13:20+00:00",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-social-auth: Improper Handling of Case Sensitivity in social-auth-app-django"
},
{
"cve": "CVE-2024-33663",
"discovery_date": "2024-04-26T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2277297"
}
],
"notes": [
{
"category": "description",
"text": "python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key formats. This is similar to CVE-2022-29217.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-jose: algorithm confusion with OpenSSH ECDSA keys and other key formats",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-33663"
},
{
"category": "external",
"summary": "RHBZ#2277297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277297"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-33663",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33663"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-33663",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33663"
}
],
"release_date": "2024-04-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-05T14:13:20+00:00",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-jose: algorithm confusion with OpenSSH ECDSA keys and other key formats"
},
{
"cve": "CVE-2024-38875",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"discovery_date": "2024-07-05T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295935"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Django framework\u0027s urlize and urlizetrunc functions, where an attacker can input a certain string containing a large number of brackets, leads to a potential denial of service when the application attempts to process the excessive input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential denial-of-service in django.utils.html.urlize()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38875"
},
{
"category": "external",
"summary": "RHBZ#2295935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295935"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38875"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38875",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38875"
}
],
"release_date": "2024-07-26T06:26:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-05T14:13:20+00:00",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Potential denial-of-service in django.utils.html.urlize()"
},
{
"cve": "CVE-2024-39329",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2024-07-05T09:46:29+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295936"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Python-Django in the django.contrib.auth.backends.ModelBackend.authenticate() method. This flaw allows remote attackers to enumerate users via a timing attack involving login requests for users with unusable passwords.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Username enumeration through timing difference for users with unusable passwords",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39329"
},
{
"category": "external",
"summary": "RHBZ#2295936",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295936"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39329",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39329"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39329",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39329"
}
],
"release_date": "2024-07-09T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-05T14:13:20+00:00",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "python-django: Username enumeration through timing difference for users with unusable passwords"
},
{
"cve": "CVE-2024-39330",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2024-07-05T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295937"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Python-Django in the Derived classes of the django.core.files.storage.Storage base class that overrides the generate_filename() without replicating the file path validations existing in the parent class. This flaw allows potential directory traversal via certain inputs when calling save(). Built-in Storage sub-classes were not affected by this vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential directory-traversal in django.core.files.storage.Storage.save()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39330"
},
{
"category": "external",
"summary": "RHBZ#2295937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295937"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39330",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39330"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39330",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39330"
}
],
"release_date": "2024-07-09T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-05T14:13:20+00:00",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "python-django: Potential directory-traversal in django.core.files.storage.Storage.save()"
},
{
"cve": "CVE-2024-39614",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"discovery_date": "2024-07-05T09:46:30+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295938"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Python-Django in the get_supported_language_variant() function. The issue triggers when parsed with very long strings, including a specific set of characters, leading to a potential denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential denial-of-service in django.utils.translation.get_supported_language_variant()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39614"
},
{
"category": "external",
"summary": "RHBZ#2295938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295938"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39614",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39614"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39614",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39614"
}
],
"release_date": "2024-07-09T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-05T14:13:20+00:00",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Potential denial-of-service in django.utils.translation.get_supported_language_variant()"
},
{
"cve": "CVE-2024-41989",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-08-02T01:40:06+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302433"
}
],
"notes": [
{
"category": "description",
"text": "A security issue was found in Django. If \u0027floatformat\u0027 received a string representation of a number in scientific notation with a large exponent, it could lead to significant memory consumption. To avoid this, decimals with more than 200 digits are now returned as is.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Memory exhaustion in django.utils.numberformat.floatformat()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is categorized as moderate severity rather than important because, while it has the potential to cause significant memory consumption under specific conditions, the likelihood of such a scenario occurring in typical applications is relatively low. The issue arises primarily when processing extremely large numbers in scientific notation, which is not a common use case in most Django applications. Additionally, the impact is localized to the floatformat function, and the issue does not expose sensitive data or compromise the integrity of the application.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41989"
},
{
"category": "external",
"summary": "RHBZ#2302433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302433"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41989"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41989",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41989"
}
],
"release_date": "2024-08-06T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-05T14:13:20+00:00",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Memory exhaustion in django.utils.numberformat.floatformat()"
},
{
"cve": "CVE-2024-41990",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"discovery_date": "2024-08-02T01:52:36+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302434"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Django. Processing very large inputs with a specific sequence of characters with the urlize and urlizetrunc functions can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41990"
},
{
"category": "external",
"summary": "RHBZ#2302434",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302434"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41990"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41990",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41990"
},
{
"category": "external",
"summary": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/",
"url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/"
}
],
"release_date": "2024-08-06T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-05T14:13:20+00:00",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Implementing input validation and limiting the the size of inputs to the urlize and urlizetrunc will mitigate this vulnerability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize()"
},
{
"cve": "CVE-2024-41991",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-08-02T02:03:22+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Django. \u0027urlize\u0027, \u0027urlizetrunc\u0027, and \u0027AdminURLFieldWidget\u0027 may be subject to a denial of service attack via certain inputs with a very large number of Unicode characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The identified vulnerability in Django\u0027s urlize, urlizetrunc template filters, and the AdminURLFieldWidget widget is classified as moderate severity rather than important due to its specific attack vector and impact. While the flaw allows for a potential denial-of-service (DoS) attack via inputs with a large number of Unicode characters, exploiting this vulnerability requires a significant volume of data to be processed by these components, which is a non-trivial task. Additionally, standard mitigation measures such as input validation, rate limiting, and monitoring can effectively reduce the risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41991"
},
{
"category": "external",
"summary": "RHBZ#2302435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41991",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41991"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41991",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41991"
},
{
"category": "external",
"summary": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/",
"url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/"
}
],
"release_date": "2024-08-06T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-05T14:13:20+00:00",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget"
},
{
"cve": "CVE-2024-42005",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2024-08-02T02:08:30+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302436"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Django. The QuerySet.values() and QuerySet.values_list() methods on models with a JSONField were subject to SQL injection in column aliases via a crafted JSON object key as a passed *arg.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential SQL injection in QuerySet.values() and values_list()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered of moderate severity rather than high or critical because it requires specific conditions to be exploitable. The potential for SQL injection exists only when QuerySet.values() or values_list() methods are used on models with a JSONField, and an attacker must have control over the JSON object keys passed as arguments. In typical use cases, these methods are often used with predefined or controlled data, limiting the attack surface. Furthermore, the impact is constrained to the manipulation of column aliases, rather than direct injection into more critical parts of the SQL query, reducing the overall risk compared to more direct forms of SQL injection vulnerabilities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-42005"
},
{
"category": "external",
"summary": "RHBZ#2302436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302436"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-42005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42005"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42005",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42005"
},
{
"category": "external",
"summary": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/",
"url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/"
}
],
"release_date": "2024-08-06T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-05T14:13:20+00:00",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Potential SQL injection in QuerySet.values() and values_list()"
}
]
}
ghsa-r836-hh6v-rg5g
Vulnerability from github
Published
2024-08-07 15:30
Modified
2024-08-07 19:03
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Summary
Django vulnerable to denial-of-service attack
Details
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "Django"
},
"ranges": [
{
"events": [
{
"introduced": "5.0"
},
{
"fixed": "5.0.8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "Django"
},
"ranges": [
{
"events": [
{
"introduced": "4.2"
},
{
"fixed": "4.2.15"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-41991"
],
"database_specific": {
"cwe_ids": [
"CWE-1284",
"CWE-130",
"CWE-1333"
],
"github_reviewed": true,
"github_reviewed_at": "2024-08-07T19:03:05Z",
"nvd_published_at": "2024-08-07T15:15:56Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.",
"id": "GHSA-r836-hh6v-rg5g",
"modified": "2024-08-07T19:03:05Z",
"published": "2024-08-07T15:30:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41991"
},
{
"type": "WEB",
"url": "https://github.com/django/django/commit/523da8771bce321023f490f70d71a9e973ddc927"
},
{
"type": "WEB",
"url": "https://github.com/django/django/commit/efea1ef7e2190e3f77ca0651b5458297bc0f6a9f"
},
{
"type": "WEB",
"url": "https://docs.djangoproject.com/en/dev/releases/security"
},
{
"type": "PACKAGE",
"url": "https://github.com/django/django"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2024-69.yaml"
},
{
"type": "WEB",
"url": "https://groups.google.com/forum/#%21forum/django-announce"
},
{
"type": "WEB",
"url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Django vulnerable to denial-of-service attack"
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.