Action not permitted
Modal body text goes here.
cve-2024-7246
Vulnerability from cvelistv5
Published
2024-08-06 10:14
Modified
2024-08-06 13:17
Severity
Summary
HPACK table poisoning in gRPC C++, Python & Ruby
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7246",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-06T13:17:43.627852Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-06T13:17:59.082Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "gRPC",
"repo": "https://github.com/grpc",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "1.53.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.53.1",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.53.2",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.54.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.54.1",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.54.3",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.55.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.55.1",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.55.3",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.55.4",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.56.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.56.1",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.56.2",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.56.3",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.56.4",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.57.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.57.1",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.58.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.58.1",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.58.2",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.59.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.59.1",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.59.2",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.59.3",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.59.4",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.60.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.60.1",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.61.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.61.1",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.62.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.61.2",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.62.1",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.62.2",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.63.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.63.1",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.64.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.64.1",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.64.2",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.65.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.65.1",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.65.2",
"versionType": "custom"
},
{
"status": "affected",
"version": "1.65.3",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIt\u0027s possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table between the proxy and the backend such that other clients see failed requests. It\u0027s also possible to use this vulnerability to leak other clients HTTP header keys, but not values.\u003c/p\u003e\u003cp\u003eThis occurs because the error status for a misencoded header is not cleared between header reads, resulting in subsequent (incrementally indexed) added headers in the first request being poisoned until cleared from the HPACK table.\u003c/p\u003ePlease update to a fixed version of gRPC as soon as possible. This bug has been fixed in 1.58.3, 1.59.5, 1.60.2, 1.61.3, 1.62.3, 1.63.2, 1.64.3, 1.65.4.\u003cbr\u003e"
}
],
"value": "It\u0027s possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table between the proxy and the backend such that other clients see failed requests. It\u0027s also possible to use this vulnerability to leak other clients HTTP header keys, but not values.\n\nThis occurs because the error status for a misencoded header is not cleared between header reads, resulting in subsequent (incrementally indexed) added headers in the first request being poisoned until cleared from the HPACK table.\n\nPlease update to a fixed version of gRPC as soon as possible. This bug has been fixed in 1.58.3, 1.59.5, 1.60.2, 1.61.3, 1.62.3, 1.63.2, 1.64.3, 1.65.4."
}
],
"impacts": [
{
"capecId": "CAPEC-220",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-220 Client-Server Protocol Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-440",
"description": "CWE-440: Expected Behavior Violation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-06T10:14:28.492Z",
"orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"shortName": "Google"
},
"references": [
{
"url": "https://github.com/grpc/grpc/issues/36245"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "HPACK table poisoning in gRPC C++, Python \u0026 Ruby",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"assignerShortName": "Google",
"cveId": "CVE-2024-7246",
"datePublished": "2024-08-06T10:14:28.492Z",
"dateReserved": "2024-07-29T20:41:21.403Z",
"dateUpdated": "2024-08-06T13:17:59.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-7246\",\"sourceIdentifier\":\"cve-coordination@google.com\",\"published\":\"2024-08-06T11:16:07.587\",\"lastModified\":\"2024-08-06T16:30:24.547\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"It\u0027s possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table between the proxy and the backend such that other clients see failed requests. It\u0027s also possible to use this vulnerability to leak other clients HTTP header keys, but not values.\\n\\nThis occurs because the error status for a misencoded header is not cleared between header reads, resulting in subsequent (incrementally indexed) added headers in the first request being poisoned until cleared from the HPACK table.\\n\\nPlease update to a fixed version of gRPC as soon as possible. This bug has been fixed in 1.58.3, 1.59.5, 1.60.2, 1.61.3, 1.62.3, 1.63.2, 1.64.3, 1.65.4.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"cve-coordination@google.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnerableSystemConfidentiality\":\"NONE\",\"vulnerableSystemIntegrity\":\"NONE\",\"vulnerableSystemAvailability\":\"LOW\",\"subsequentSystemConfidentiality\":\"NONE\",\"subsequentSystemIntegrity\":\"NONE\",\"subsequentSystemAvailability\":\"LOW\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirements\":\"NOT_DEFINED\",\"integrityRequirements\":\"NOT_DEFINED\",\"availabilityRequirements\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnerableSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedVulnerableSystemIntegrity\":\"NOT_DEFINED\",\"modifiedVulnerableSystemAvailability\":\"NOT_DEFINED\",\"modifiedSubsequentSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedSubsequentSystemIntegrity\":\"NOT_DEFINED\",\"modifiedSubsequentSystemAvailability\":\"NOT_DEFINED\",\"safety\":\"NOT_DEFINED\",\"automatable\":\"NOT_DEFINED\",\"recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\",\"baseScore\":6.3,\"baseSeverity\":\"MEDIUM\"}}]},\"weaknesses\":[{\"source\":\"cve-coordination@google.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-440\"}]}],\"references\":[{\"url\":\"https://github.com/grpc/grpc/issues/36245\",\"source\":\"cve-coordination@google.com\"}]}}"
}
}
ghsa-ghwg-gpp4-w4x3
Vulnerability from github
Published
2024-08-06 12:30
Modified
2024-08-06 12:30
Severity
Details
It's possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table between the proxy and the backend such that other clients see failed requests. It's also possible to use this vulnerability to leak other clients HTTP header keys, but not values.
This occurs because the error status for a misencoded header is not cleared between header reads, resulting in subsequent (incrementally indexed) added headers in the first request being poisoned until cleared from the HPACK table.
Please update to a fixed version of gRPC as soon as possible. This bug has been fixed in 1.58.3, 1.59.5, 1.60.2, 1.61.3, 1.62.3, 1.63.2, 1.64.3, 1.65.4.
{
"affected": [],
"aliases": [
"CVE-2024-7246"
],
"database_specific": {
"cwe_ids": [
"CWE-440"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-08-06T11:16:07Z",
"severity": "MODERATE"
},
"details": "It\u0027s possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table between the proxy and the backend such that other clients see failed requests. It\u0027s also possible to use this vulnerability to leak other clients HTTP header keys, but not values.\n\nThis occurs because the error status for a misencoded header is not cleared between header reads, resulting in subsequent (incrementally indexed) added headers in the first request being poisoned until cleared from the HPACK table.\n\nPlease update to a fixed version of gRPC as soon as possible. This bug has been fixed in 1.58.3, 1.59.5, 1.60.2, 1.61.3, 1.62.3, 1.63.2, 1.64.3, 1.65.4.",
"id": "GHSA-ghwg-gpp4-w4x3",
"modified": "2024-08-06T12:30:34Z",
"published": "2024-08-06T12:30:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7246"
},
{
"type": "WEB",
"url": "https://github.com/grpc/grpc/issues/36245"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
rhsa-2024_6428
Vulnerability from csaf_redhat
Published
2024-09-05 14:13
Modified
2024-09-17 00:01
Summary
Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update
Notes
Topic
An update is now available for Red Hat Ansible Automation Platform 2.4
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.
Security Fix(es):
* automation-controller: Django: Potential SQL injection in QuerySet.values() and values_list() (CVE-2024-42005)
* automation-controller: Django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget (CVE-2024-41991)
* automation-controller: Django: Potential denial-of-service vulnerability in django.utils.html.urlize() (CVE-2024-41990)
* automation-controller: python-jose: algorithm confusion with OpenSSH ECDSA keys and other key formats (CVE-2024-33663)
* automation-controller: python-social-auth: Improper Handling of Case Sensitivity in social-auth-app-django (CVE-2024-32879)
* automation-controller: Gain access to the k8s API server via job execution with Container Group (CVE-2024-6840)
* python3/python39-django: Potential SQL injection in QuerySet.values() and values_list() (CVE-2024-42005)
* python3/python39-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget (CVE-2024-41991)
* python3/python39-django: Potential denial-of-service vulnerability in django.utils.html.urlize() (CVE-2024-41990)
* python3/python39-django: Memory exhaustion in django.utils.numberformat.floatformat() (CVE-2024-41989)
* python3/python39-django: Potential denial-of-service in django.utils.translation.get_supported_language_variant() (CVE-2024-39614)
* python3/python39-django: Potential directory-traversal in django.core.files.storage.Storage.save() (CVE-2024-39330)
* python3/python39-django: Username enumeration through timing difference for users with unusable passwords (CVE-2024-39329)
* python3/python39-django: Potential denial-of-service in django.utils.html.urlize() (CVE-2024-38875)
* python3/python39-grpcio: client communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend (CVE-2024-7246)
* python3/python39-zipp: Denial of Service (infinite loop) via crafted zip file (CVE-2024-5569)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updates and fixes for automation controller:
* Updated the receptor to not automatically release the receptor work unit when "RECEPTOR_KEEP_WORK_ON_ERROR" is set to true (AAP-27635)
* Updated the Help link in the REST API to point to the latest API Reference documentation (AAP-27573)
* Fixed a timeout error in the UI when trying to load the Activity Stream (AAP-26772)
* automation-controller has been updated to 4.5.10
Updates and fixes for automation hub:
* API browser now correctly escapes JSON values (AAH-3272, AAP-14463)
* python3/python39-pulpcore has been updated to 3.28.31
* python3/python39-pulp-ansible has been updated to 0.20.8
Additional fixes:
* Gunicorn python package will no longer obsolete itself when checking for or applying updates (AAP-28364)
* python3/python39-django has been updated to 4.2.15
* python3/python39-grpcio has been updated to 1.58.3
* python3/python39-jmespath has been updated to 0.10.0-5
* python3/python39-zipp has been updated to 3.19.2
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Ansible Automation Platform 2.4\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.\n\nSecurity Fix(es):\n\n* automation-controller: Django: Potential SQL injection in QuerySet.values() and values_list() (CVE-2024-42005)\n* automation-controller: Django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget (CVE-2024-41991)\n* automation-controller: Django: Potential denial-of-service vulnerability in django.utils.html.urlize() (CVE-2024-41990)\n* automation-controller: python-jose: algorithm confusion with OpenSSH ECDSA keys and other key formats (CVE-2024-33663)\n* automation-controller: python-social-auth: Improper Handling of Case Sensitivity in social-auth-app-django (CVE-2024-32879)\n* automation-controller: Gain access to the k8s API server via job execution with Container Group (CVE-2024-6840)\n* python3/python39-django: Potential SQL injection in QuerySet.values() and values_list() (CVE-2024-42005)\n* python3/python39-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget (CVE-2024-41991)\n* python3/python39-django: Potential denial-of-service vulnerability in django.utils.html.urlize() (CVE-2024-41990)\n* python3/python39-django: Memory exhaustion in django.utils.numberformat.floatformat() (CVE-2024-41989)\n* python3/python39-django: Potential denial-of-service in django.utils.translation.get_supported_language_variant() (CVE-2024-39614)\n* python3/python39-django: Potential directory-traversal in django.core.files.storage.Storage.save() (CVE-2024-39330)\n* python3/python39-django: Username enumeration through timing difference for users with unusable passwords (CVE-2024-39329)\n* python3/python39-django: Potential denial-of-service in django.utils.html.urlize() (CVE-2024-38875)\n* python3/python39-grpcio: client communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend (CVE-2024-7246)\n* python3/python39-zipp: Denial of Service (infinite loop) via crafted zip file (CVE-2024-5569)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nUpdates and fixes for automation controller:\n* Updated the receptor to not automatically release the receptor work unit when \"RECEPTOR_KEEP_WORK_ON_ERROR\" is set to true (AAP-27635)\n* Updated the Help link in the REST API to point to the latest API Reference documentation (AAP-27573)\n* Fixed a timeout error in the UI when trying to load the Activity Stream (AAP-26772)\n* automation-controller has been updated to 4.5.10\n\nUpdates and fixes for automation hub:\n* API browser now correctly escapes JSON values (AAH-3272, AAP-14463)\n* python3/python39-pulpcore has been updated to 3.28.31\n* python3/python39-pulp-ansible has been updated to 0.20.8\n\nAdditional fixes:\n* Gunicorn python package will no longer obsolete itself when checking for or applying updates (AAP-28364)\n* python3/python39-django has been updated to 4.2.15\n* python3/python39-grpcio has been updated to 1.58.3\n* python3/python39-jmespath has been updated to 0.10.0-5\n* python3/python39-zipp has been updated to 3.19.2",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:6428",
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2277035",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277035"
},
{
"category": "external",
"summary": "2277297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277297"
},
{
"category": "external",
"summary": "2295935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295935"
},
{
"category": "external",
"summary": "2295936",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295936"
},
{
"category": "external",
"summary": "2295937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295937"
},
{
"category": "external",
"summary": "2295938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295938"
},
{
"category": "external",
"summary": "2296413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296413"
},
{
"category": "external",
"summary": "2298492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298492"
},
{
"category": "external",
"summary": "2302433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302433"
},
{
"category": "external",
"summary": "2302434",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302434"
},
{
"category": "external",
"summary": "2302435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302435"
},
{
"category": "external",
"summary": "2302436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302436"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6428.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update",
"tracking": {
"current_release_date": "2024-09-17T00:01:38+00:00",
"generator": {
"date": "2024-09-17T00:01:38+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2024:6428",
"initial_release_date": "2024-09-05T14:13:20+00:00",
"revision_history": [
{
"date": "2024-09-05T14:13:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-09-05T14:13:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-17T00:01:38+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform:2.4::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform:2.4::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Ansible Automation Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "python-pulpcore-0:3.28.31-1.el9ap.src",
"product": {
"name": "python-pulpcore-0:3.28.31-1.el9ap.src",
"product_id": "python-pulpcore-0:3.28.31-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulpcore@3.28.31-1.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulp-ansible-1:0.20.8-1.el9ap.src",
"product": {
"name": "python-pulp-ansible-1:0.20.8-1.el9ap.src",
"product_id": "python-pulp-ansible-1:0.20.8-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulp-ansible@0.20.8-1.el9ap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-gunicorn-0:22.0.0-2.el9ap.src",
"product": {
"name": "python-gunicorn-0:22.0.0-2.el9ap.src",
"product_id": "python-gunicorn-0:22.0.0-2.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-gunicorn@22.0.0-2.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-django-0:4.2.15-1.el9ap.src",
"product": {
"name": "python-django-0:4.2.15-1.el9ap.src",
"product_id": "python-django-0:4.2.15-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-django@4.2.15-1.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-zipp-0:3.19.2-1.el9ap.src",
"product": {
"name": "python-zipp-0:3.19.2-1.el9ap.src",
"product_id": "python-zipp-0:3.19.2-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-zipp@3.19.2-1.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-grpcio-0:1.58.3-1.el9ap.src",
"product": {
"name": "python-grpcio-0:1.58.3-1.el9ap.src",
"product_id": "python-grpcio-0:1.58.3-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-grpcio@1.58.3-1.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el9ap.src",
"product": {
"name": "automation-controller-0:4.5.10-1.el9ap.src",
"product_id": "automation-controller-0:4.5.10-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-jmespath-0:0.10.0-5.el9ap.src",
"product": {
"name": "python-jmespath-0:0.10.0-5.el9ap.src",
"product_id": "python-jmespath-0:0.10.0-5.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-jmespath@0.10.0-5.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3x-pulpcore-0:3.28.31-1.el8ap.src",
"product": {
"name": "python3x-pulpcore-0:3.28.31-1.el8ap.src",
"product_id": "python3x-pulpcore-0:3.28.31-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-pulpcore@3.28.31-1.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"product": {
"name": "python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"product_id": "python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-pulp-ansible@0.20.8-1.el8ap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python3x-gunicorn-0:22.0.0-2.el8ap.src",
"product": {
"name": "python3x-gunicorn-0:22.0.0-2.el8ap.src",
"product_id": "python3x-gunicorn-0:22.0.0-2.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-gunicorn@22.0.0-2.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3x-django-0:4.2.15-1.el8ap.src",
"product": {
"name": "python3x-django-0:4.2.15-1.el8ap.src",
"product_id": "python3x-django-0:4.2.15-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-django@4.2.15-1.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3x-grpcio-0:1.58.3-1.el8ap.src",
"product": {
"name": "python3x-grpcio-0:1.58.3-1.el8ap.src",
"product_id": "python3x-grpcio-0:1.58.3-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-grpcio@1.58.3-1.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el8ap.src",
"product": {
"name": "automation-controller-0:4.5.10-1.el8ap.src",
"product_id": "automation-controller-0:4.5.10-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3x-jmespath-0:0.10.0-5.el8ap.src",
"product": {
"name": "python3x-jmespath-0:0.10.0-5.el8ap.src",
"product_id": "python3x-jmespath-0:0.10.0-5.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-jmespath@0.10.0-5.el8ap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"product": {
"name": "python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"product_id": "python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pulpcore@3.28.31-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"product": {
"name": "python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"product_id": "python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pulp-ansible@0.20.8-1.el9ap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"product": {
"name": "python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"product_id": "python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-gunicorn@22.0.0-2.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-django-0:4.2.15-1.el9ap.noarch",
"product": {
"name": "python3-django-0:4.2.15-1.el9ap.noarch",
"product_id": "python3-django-0:4.2.15-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-django@4.2.15-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-zipp-0:3.19.2-1.el9ap.noarch",
"product": {
"name": "python3-zipp-0:3.19.2-1.el9ap.noarch",
"product_id": "python3-zipp-0:3.19.2-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-zipp@3.19.2-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"product": {
"name": "automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"product_id": "automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-cli@4.5.10-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-server-0:4.5.10-1.el9ap.noarch",
"product": {
"name": "automation-controller-server-0:4.5.10-1.el9ap.noarch",
"product_id": "automation-controller-server-0:4.5.10-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-server@4.5.10-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"product": {
"name": "automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"product_id": "automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-ui@4.5.10-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-jmespath-0:0.10.0-5.el9ap.noarch",
"product": {
"name": "python3-jmespath-0:0.10.0-5.el9ap.noarch",
"product_id": "python3-jmespath-0:0.10.0-5.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-jmespath@0.10.0-5.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"product": {
"name": "python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"product_id": "python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-pulpcore@3.28.31-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"product": {
"name": "python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"product_id": "python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-pulp-ansible@0.20.8-1.el8ap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"product": {
"name": "python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"product_id": "python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-gunicorn@22.0.0-2.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-django-0:4.2.15-1.el8ap.noarch",
"product": {
"name": "python39-django-0:4.2.15-1.el8ap.noarch",
"product_id": "python39-django-0:4.2.15-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-django@4.2.15-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-zipp-0:3.19.2-1.el8ap.noarch",
"product": {
"name": "python39-zipp-0:3.19.2-1.el8ap.noarch",
"product_id": "python39-zipp-0:3.19.2-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-zipp@3.19.2-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"product": {
"name": "automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"product_id": "automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-cli@4.5.10-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-server-0:4.5.10-1.el8ap.noarch",
"product": {
"name": "automation-controller-server-0:4.5.10-1.el8ap.noarch",
"product_id": "automation-controller-server-0:4.5.10-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-server@4.5.10-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"product": {
"name": "automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"product_id": "automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-ui@4.5.10-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-jmespath-0:0.10.0-5.el8ap.noarch",
"product": {
"name": "python39-jmespath-0:0.10.0-5.el8ap.noarch",
"product_id": "python39-jmespath-0:0.10.0-5.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-jmespath@0.10.0-5.el8ap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"product": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"product_id": "python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio@1.58.3-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"product": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"product_id": "python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-grpcio-debugsource@1.58.3-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"product": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"product_id": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-debuginfo@1.58.3-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"product": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"product_id": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-tools-debuginfo@1.58.3-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el9ap.x86_64",
"product": {
"name": "automation-controller-0:4.5.10-1.el9ap.x86_64",
"product_id": "automation-controller-0:4.5.10-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"product": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"product_id": "python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio@1.58.3-1.el8ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"product": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"product_id": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-grpcio-debugsource@1.58.3-1.el8ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"product": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"product_id": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-debuginfo@1.58.3-1.el8ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"product": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"product_id": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-tools-debuginfo@1.58.3-1.el8ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el8ap.x86_64",
"product": {
"name": "automation-controller-0:4.5.10-1.el8ap.x86_64",
"product_id": "automation-controller-0:4.5.10-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el8ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el8ap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"product": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"product_id": "python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio@1.58.3-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"product": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"product_id": "python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-grpcio-debugsource@1.58.3-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"product": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"product_id": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-debuginfo@1.58.3-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"product": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"product_id": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-tools-debuginfo@1.58.3-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el9ap.ppc64le",
"product": {
"name": "automation-controller-0:4.5.10-1.el9ap.ppc64le",
"product_id": "automation-controller-0:4.5.10-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"product": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"product_id": "python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio@1.58.3-1.el8ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"product": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"product_id": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-grpcio-debugsource@1.58.3-1.el8ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"product": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"product_id": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-debuginfo@1.58.3-1.el8ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"product": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"product_id": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-tools-debuginfo@1.58.3-1.el8ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el8ap.ppc64le",
"product": {
"name": "automation-controller-0:4.5.10-1.el8ap.ppc64le",
"product_id": "automation-controller-0:4.5.10-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el8ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el8ap?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-grpcio-0:1.58.3-1.el9ap.s390x",
"product": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.s390x",
"product_id": "python3-grpcio-0:1.58.3-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio@1.58.3-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"product": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"product_id": "python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-grpcio-debugsource@1.58.3-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"product": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"product_id": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-debuginfo@1.58.3-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"product": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"product_id": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-tools-debuginfo@1.58.3-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el9ap.s390x",
"product": {
"name": "automation-controller-0:4.5.10-1.el9ap.s390x",
"product_id": "automation-controller-0:4.5.10-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-0:1.58.3-1.el8ap.s390x",
"product": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.s390x",
"product_id": "python39-grpcio-0:1.58.3-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio@1.58.3-1.el8ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"product": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"product_id": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-grpcio-debugsource@1.58.3-1.el8ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"product": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"product_id": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-debuginfo@1.58.3-1.el8ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"product": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"product_id": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-tools-debuginfo@1.58.3-1.el8ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el8ap.s390x",
"product": {
"name": "automation-controller-0:4.5.10-1.el8ap.s390x",
"product_id": "automation-controller-0:4.5.10-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el8ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el8ap?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"product": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"product_id": "python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio@1.58.3-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"product": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"product_id": "python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-grpcio-debugsource@1.58.3-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"product": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"product_id": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-debuginfo@1.58.3-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"product": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"product_id": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-grpcio-tools-debuginfo@1.58.3-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el9ap.aarch64",
"product": {
"name": "automation-controller-0:4.5.10-1.el9ap.aarch64",
"product_id": "automation-controller-0:4.5.10-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"product": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"product_id": "python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio@1.58.3-1.el8ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"product": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"product_id": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3x-grpcio-debugsource@1.58.3-1.el8ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"product": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"product_id": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-debuginfo@1.58.3-1.el8ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"product": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"product_id": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-grpcio-tools-debuginfo@1.58.3-1.el8ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.10-1.el8ap.aarch64",
"product": {
"name": "automation-controller-0:4.5.10-1.el8ap.aarch64",
"product_id": "automation-controller-0:4.5.10-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.10-1.el8ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"product": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"product_id": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.10-1.el8ap?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-cli-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch"
},
"product_reference": "automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-server-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch"
},
"product_reference": "automation-controller-server-0:4.5.10-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-ui-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch"
},
"product_reference": "automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-zipp-0:3.19.2-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch"
},
"product_reference": "python39-zipp-0:3.19.2-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-zipp-0:3.19.2-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch"
},
"product_reference": "python39-zipp-0:3.19.2-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64"
},
"product_reference": "automation-controller-0:4.5.10-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-cli-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch"
},
"product_reference": "automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-server-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch"
},
"product_reference": "automation-controller-server-0:4.5.10-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-ui-0:4.5.10-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch"
},
"product_reference": "automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-django-0:4.2.15-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch"
},
"product_reference": "python39-django-0:4.2.15-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64"
},
"product_reference": "python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le"
},
"product_reference": "python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x"
},
"product_reference": "python39-grpcio-0:1.58.3-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-0:1.58.3-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64"
},
"product_reference": "python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64"
},
"product_reference": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le"
},
"product_reference": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x"
},
"product_reference": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64"
},
"product_reference": "python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64"
},
"product_reference": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le"
},
"product_reference": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x"
},
"product_reference": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64"
},
"product_reference": "python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-gunicorn-0:22.0.0-2.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch"
},
"product_reference": "python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-jmespath-0:0.10.0-5.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch"
},
"product_reference": "python39-jmespath-0:0.10.0-5.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-ansible-1:0.20.8-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch"
},
"product_reference": "python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulpcore-0:3.28.31-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch"
},
"product_reference": "python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-zipp-0:3.19.2-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch"
},
"product_reference": "python39-zipp-0:3.19.2-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-django-0:4.2.15-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src"
},
"product_reference": "python3x-django-0:4.2.15-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-grpcio-0:1.58.3-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src"
},
"product_reference": "python3x-grpcio-0:1.58.3-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64"
},
"product_reference": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le"
},
"product_reference": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x"
},
"product_reference": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64"
},
"product_reference": "python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-gunicorn-0:22.0.0-2.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src"
},
"product_reference": "python3x-gunicorn-0:22.0.0-2.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-jmespath-0:0.10.0-5.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src"
},
"product_reference": "python3x-jmespath-0:0.10.0-5.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-pulp-ansible-1:0.20.8-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src"
},
"product_reference": "python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3x-pulpcore-0:3.28.31-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src"
},
"product_reference": "python3x-pulpcore-0:3.28.31-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-cli-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch"
},
"product_reference": "automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-server-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch"
},
"product_reference": "automation-controller-server-0:4.5.10-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-ui-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch"
},
"product_reference": "automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-zipp-0:3.19.2-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src"
},
"product_reference": "python-zipp-0:3.19.2-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-zipp-0:3.19.2-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch"
},
"product_reference": "python3-zipp-0:3.19.2-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-zipp-0:3.19.2-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src"
},
"product_reference": "python-zipp-0:3.19.2-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-zipp-0:3.19.2-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch"
},
"product_reference": "python3-zipp-0:3.19.2-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.10-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64"
},
"product_reference": "automation-controller-0:4.5.10-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-cli-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch"
},
"product_reference": "automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-server-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch"
},
"product_reference": "automation-controller-server-0:4.5.10-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-ui-0:4.5.10-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch"
},
"product_reference": "automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-django-0:4.2.15-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src"
},
"product_reference": "python-django-0:4.2.15-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-grpcio-0:1.58.3-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src"
},
"product_reference": "python-grpcio-0:1.58.3-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64"
},
"product_reference": "python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le"
},
"product_reference": "python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x"
},
"product_reference": "python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64"
},
"product_reference": "python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-gunicorn-0:22.0.0-2.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src"
},
"product_reference": "python-gunicorn-0:22.0.0-2.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-jmespath-0:0.10.0-5.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src"
},
"product_reference": "python-jmespath-0:0.10.0-5.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-ansible-1:0.20.8-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src"
},
"product_reference": "python-pulp-ansible-1:0.20.8-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulpcore-0:3.28.31-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src"
},
"product_reference": "python-pulpcore-0:3.28.31-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-zipp-0:3.19.2-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src"
},
"product_reference": "python-zipp-0:3.19.2-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-django-0:4.2.15-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
},
"product_reference": "python3-django-0:4.2.15-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64"
},
"product_reference": "python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le"
},
"product_reference": "python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x"
},
"product_reference": "python3-grpcio-0:1.58.3-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-0:1.58.3-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64"
},
"product_reference": "python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64"
},
"product_reference": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le"
},
"product_reference": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x"
},
"product_reference": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64"
},
"product_reference": "python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64"
},
"product_reference": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le"
},
"product_reference": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x"
},
"product_reference": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64"
},
"product_reference": "python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-gunicorn-0:22.0.0-2.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch"
},
"product_reference": "python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-jmespath-0:0.10.0-5.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch"
},
"product_reference": "python3-jmespath-0:0.10.0-5.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pulp-ansible-1:0.20.8-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch"
},
"product_reference": "python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pulpcore-0:3.28.31-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch"
},
"product_reference": "python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-zipp-0:3.19.2-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
},
"product_reference": "python3-zipp-0:3.19.2-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-5569",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-07-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2296413"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jaraco/zipp. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jaraco/zipp: Denial of Service (infinite loop) via crafted zip file in jaraco/zipp",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-5569"
},
{
"category": "external",
"summary": "RHBZ#2296413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-5569",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5569"
},
{
"category": "external",
"summary": "https://github.com/jaraco/zipp/commit/fd604bd34f0343472521a36da1fbd22e793e14fd",
"url": "https://github.com/jaraco/zipp/commit/fd604bd34f0343472521a36da1fbd22e793e14fd"
},
{
"category": "external",
"summary": "https://huntr.com/bounties/be898306-11f9-46b4-b28c-f4c4aa4ffbae",
"url": "https://huntr.com/bounties/be898306-11f9-46b4-b28c-f4c4aa4ffbae"
}
],
"release_date": "2024-07-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/jaraco/zipp: Denial of Service (infinite loop) via crafted zip file in jaraco/zipp"
},
{
"cve": "CVE-2024-6840",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2024-07-17T18:01:46+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298492"
}
],
"notes": [
{
"category": "description",
"text": "An improper authorization flaw exists in the Ansible Automation Controller. This flaw allows an attacker using the k8S API server to send an HTTP request with a service account token mounted via `automountServiceAccountToken: true`, resulting in privilege escalation to a service account.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "automation-controller: Gain access to the k8s API server via job execution with Container Group",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-6840"
},
{
"category": "external",
"summary": "RHBZ#2298492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298492"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-6840",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6840"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-6840",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6840"
}
],
"release_date": "2024-09-05T09:09:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "automation-controller: Gain access to the k8s API server via job execution with Container Group"
},
{
"cve": "CVE-2024-7246",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"discovery_date": "2024-08-06T11:20:24.557753+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2303104"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Google gRPC due to HPACK table poisoning between the proxy and backend so that other clients see failed requests, resulting in a denial of service. This occurs because the error status for a misencoded header is not cleared between header reads, resulting in subsequent (incrementally indexed) added headers in the first request being poisoned until cleared from the HPACK table. By sending a specially crafted request, an attacker could leak other clients HTTP header keys. Attackers are only able to access HTTP header keys but not values.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "grpc: client communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is specific to C++ implementations of gRPC release and does not affect Golang or Java implementations of gRPC.\n\nThe gRPC RPM was packaged with Openshift via the Kuryr component. However, Kuryr was never configured to run code using the gRPC library, hence, grpcio dependency has been removed from Kuryr since Openshift-4.12.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-7246"
},
{
"category": "external",
"summary": "RHBZ#2303104",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303104"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-7246",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7246"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-7246",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7246"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc/issues/36245",
"url": "https://github.com/grpc/grpc/issues/36245"
}
],
"release_date": "2024-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "grpc: client communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend"
},
{
"cve": "CVE-2024-32879",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2024-04-25T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2277035"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in social-auth-app-django. In affected versions of this package, due to default case-insensitive collation in MySQL or MariaDB databases, third-party authentication user IDs are not case-sensitive and could cause different IDs to match.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-social-auth: Improper Handling of Case Sensitivity in social-auth-app-django",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-32879"
},
{
"category": "external",
"summary": "RHBZ#2277035",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277035"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-32879",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32879"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-32879",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32879"
},
{
"category": "external",
"summary": "https://github.com/python-social-auth/social-app-django/security/advisories/GHSA-2gr8-3wc7-xhj3",
"url": "https://github.com/python-social-auth/social-app-django/security/advisories/GHSA-2gr8-3wc7-xhj3"
}
],
"release_date": "2024-04-24T06:57:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-social-auth: Improper Handling of Case Sensitivity in social-auth-app-django"
},
{
"cve": "CVE-2024-33663",
"discovery_date": "2024-04-26T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2277297"
}
],
"notes": [
{
"category": "description",
"text": "python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key formats. This is similar to CVE-2022-29217.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-jose: algorithm confusion with OpenSSH ECDSA keys and other key formats",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-33663"
},
{
"category": "external",
"summary": "RHBZ#2277297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277297"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-33663",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33663"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-33663",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-33663"
}
],
"release_date": "2024-04-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-jose: algorithm confusion with OpenSSH ECDSA keys and other key formats"
},
{
"cve": "CVE-2024-38875",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"discovery_date": "2024-07-05T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295935"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Python-Django in django.utils.html.urlize() function. The issue triggers when it is parsed with certain inputs with a very large number of brackets, leading to a potential denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential denial-of-service in django.utils.html.urlize()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-38875"
},
{
"category": "external",
"summary": "RHBZ#2295935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295935"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-38875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38875"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-38875",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38875"
}
],
"release_date": "2024-07-26T06:26:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Potential denial-of-service in django.utils.html.urlize()"
},
{
"cve": "CVE-2024-39329",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2024-07-05T09:46:29+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295936"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Python-Django in the django.contrib.auth.backends.ModelBackend.authenticate() method. This flaw allows remote attackers to enumerate users via a timing attack involving login requests for users with unusable passwords.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Username enumeration through timing difference for users with unusable passwords",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39329"
},
{
"category": "external",
"summary": "RHBZ#2295936",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295936"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39329",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39329"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39329",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39329"
}
],
"release_date": "2024-07-09T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "python-django: Username enumeration through timing difference for users with unusable passwords"
},
{
"cve": "CVE-2024-39330",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2024-07-05T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295937"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Python-Django in the Derived classes of the django.core.files.storage.Storage base class that overrides the generate_filename() without replicating the file path validations existing in the parent class. This flaw allows potential directory traversal via certain inputs when calling save(). Built-in Storage sub-classes were not affected by this vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential directory-traversal in django.core.files.storage.Storage.save()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39330"
},
{
"category": "external",
"summary": "RHBZ#2295937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295937"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39330",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39330"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39330",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39330"
}
],
"release_date": "2024-07-09T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "python-django: Potential directory-traversal in django.core.files.storage.Storage.save()"
},
{
"cve": "CVE-2024-39614",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"discovery_date": "2024-07-05T09:46:30+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295938"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Python-Django in the get_supported_language_variant() function. The issue triggers when parsed with very long strings, including a specific set of characters, leading to a potential denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential denial-of-service in django.utils.translation.get_supported_language_variant()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39614"
},
{
"category": "external",
"summary": "RHBZ#2295938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295938"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39614",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39614"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39614",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39614"
}
],
"release_date": "2024-07-09T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Potential denial-of-service in django.utils.translation.get_supported_language_variant()"
},
{
"cve": "CVE-2024-41989",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-08-02T01:40:06+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302433"
}
],
"notes": [
{
"category": "description",
"text": "A security issue was found in Django. If \u0027floatformat\u0027 received a string representation of a number in scientific notation with a large exponent, it could lead to significant memory consumption. To avoid this, decimals with more than 200 digits are now returned as is.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Memory exhaustion in django.utils.numberformat.floatformat()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is categorized as moderate severity rather than important because, while it has the potential to cause significant memory consumption under specific conditions, the likelihood of such a scenario occurring in typical applications is relatively low. The issue arises primarily when processing extremely large numbers in scientific notation, which is not a common use case in most Django applications. Additionally, the impact is localized to the floatformat function, and the issue does not expose sensitive data or compromise the integrity of the application.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41989"
},
{
"category": "external",
"summary": "RHBZ#2302433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302433"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41989"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41989",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41989"
}
],
"release_date": "2024-08-06T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Memory exhaustion in django.utils.numberformat.floatformat()"
},
{
"cve": "CVE-2024-41990",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"discovery_date": "2024-08-02T01:52:36+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302434"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Django. Processing very large inputs with a specific sequence of characters with the urlize and urlizetrunc functions can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41990"
},
{
"category": "external",
"summary": "RHBZ#2302434",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302434"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41990"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41990",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41990"
},
{
"category": "external",
"summary": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/",
"url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/"
}
],
"release_date": "2024-08-06T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Implementing input validation and limiting the the size of inputs to the urlize and urlizetrunc will mitigate this vulnerability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize()"
},
{
"cve": "CVE-2024-41991",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-08-02T02:03:22+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Django. \u0027urlize\u0027, \u0027urlizetrunc\u0027, and \u0027AdminURLFieldWidget\u0027 may be subject to a denial of service attack via certain inputs with a very large number of Unicode characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The identified vulnerability in Django\u0027s urlize, urlizetrunc template filters, and the AdminURLFieldWidget widget is classified as moderate severity rather than important due to its specific attack vector and impact. While the flaw allows for a potential denial-of-service (DoS) attack via inputs with a large number of Unicode characters, exploiting this vulnerability requires a significant volume of data to be processed by these components, which is a non-trivial task. Additionally, standard mitigation measures such as input validation, rate limiting, and monitoring can effectively reduce the risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41991"
},
{
"category": "external",
"summary": "RHBZ#2302435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41991",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41991"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41991",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41991"
},
{
"category": "external",
"summary": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/",
"url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/"
}
],
"release_date": "2024-08-06T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget"
},
{
"cve": "CVE-2024-42005",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2024-08-02T02:08:30+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302436"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Django. The QuerySet.values() and QuerySet.values_list() methods on models with a JSONField were subject to SQL injection in column aliases via a crafted JSON object key as a passed *arg.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential SQL injection in QuerySet.values() and values_list()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered of moderate severity rather than high or critical because it requires specific conditions to be exploitable. The potential for SQL injection exists only when QuerySet.values() or values_list() methods are used on models with a JSONField, and an attacker must have control over the JSON object keys passed as arguments. In typical use cases, these methods are often used with predefined or controlled data, limiting the attack surface. Furthermore, the impact is constrained to the manipulation of column aliases, rather than direct injection into more critical parts of the SQL query, reducing the overall risk compared to more direct forms of SQL injection vulnerabilities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-42005"
},
{
"category": "external",
"summary": "RHBZ#2302436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302436"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-42005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42005"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42005",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42005"
},
{
"category": "external",
"summary": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/",
"url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/"
}
],
"release_date": "2024-08-06T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python39-grpcio-tools-debuginfo-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-gunicorn-0:22.0.0-2.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-jmespath-0:0.10.0-5.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulp-ansible-1:0.20.8-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-pulpcore-0:3.28.31-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python39-zipp-0:3.19.2-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-0:1.58.3-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:python3x-grpcio-debugsource-0:1.58.3-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python3x-gunicorn-0:22.0.0-2.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-jmespath-0:0.10.0-5.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulp-ansible-1:0.20.8-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:python3x-pulpcore-0:3.28.31-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:python3-zipp-0:3.19.2-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.10-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-0:1.58.3-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python-grpcio-debugsource-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-gunicorn-0:22.0.0-2.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-jmespath-0:0.10.0-5.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulp-ansible-1:0.20.8-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-pulpcore-0:3.28.31-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python-zipp-0:3.19.2-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:python3-grpcio-tools-debuginfo-0:1.58.3-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python3-gunicorn-0:22.0.0-2.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-jmespath-0:0.10.0-5.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulp-ansible-1:0.20.8-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-pulpcore-0:3.28.31-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:python3-zipp-0:3.19.2-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:python39-django-0:4.2.15-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:python3x-django-0:4.2.15-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.10-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:python-django-0:4.2.15-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:python3-django-0:4.2.15-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Potential SQL injection in QuerySet.values() and values_list()"
}
]
}
Loading...