Vulnerability-Lookup

RHSA-2025:0777

Vulnerability from csaf_redhat - Published: 2025-01-28 19:20 - Updated: 2026-04-28 01:28

Summary

Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update

Severity

Important

Notes

Topic: An update is now available for Red Hat Ansible Automation Platform 2.5 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language. Security Fix(es): * automation-controller: Jinja has a sandbox breakout through indirect reference to format method (CVE-2024-56326) * automation-controller: Jinja has a sandbox breakout through malicious filenames (CVE-2024-56201) * automation-controller: Django: potential denial-of-service vulnerability in IPv6 validation (CVE-2024-56374) * python3.11-django: potential denial-of-service vulnerability in IPv6 validation (CVE-2024-56374) * python3.11-django: Potential denial-of-service in django.utils.html.strip_tags() (CVE-2024-53907) * python3.11-jinja2: Jinja has a sandbox breakout through indirect reference to format method (CVE-2024-56326) * python3.11-jinja2: Jinja has a sandbox breakout through malicious filenames (CVE-2024-56201) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Updates and fixes included: Automation controller * Fixed an issue where the order of source inventories was not respected by the ansible.controller collection (AAP-38524) * Fixed an issue where an actively running job on an execution node may have had its folder deleted by a system task (AAP-38137) * automation-controller has been updated to 4.6.7 Event-Driven Ansible: * Fixed an issue where users were unable to filter Rule Audits by rulebook activation name (AAP-39253) * Users are now able to create a new Event-Driven Ansible credential by copying an existing one (AAP-39249) * Added support for file and env injectors for Credentials (AAP-39091) * Fixed an issue where the input field of the injector configuration could not be empty (AAP-39086) * Fixed an issue where the application version in the openapi spec was incorrectly set (AAP-38392) * Fixed an issue where activations were not properly updated in some scenarios with a high load of the system (AAP-38374) * automation-eda-controller has been updated to 1.1.4 Container-based Ansible Automation Platform * Allow user to not provide the Postgresql admin account with external database (AAP-39077) * Using PostgreSQL TLS certificate authentication with an external database is now available (AAP-38400) * containerized installer setup has been updated to 2.5-9 RPM-based Ansible Automation Platform * Fixed an issue where gateway could not be setup with custom SSL certificates (AAP-38985) * Fixed an issue where the gateway services are not restarted when a dependency changes (AAP-38918) * Fixed an issue where setting automationedacontroller_max_running_activations could cause the installer to fail (AAP-38708) * ansible-automation-platform-installer and installer setup have been updated to 2.5-8 Additional changes: * python3.11-django has been updated to 4.2.18 * python3.11-jinja2 has been updated to 3.1.5 * python3.11-pulpcore has been updated to 3.49.30

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2024-53907

A vulnerability was found in the Django Web Framework. The strip_tags() and stripbtags template filter may be vulnerable to a potential denial of service (DoS) in cases of a large sequence of nested incomplete HTML entities.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 8 products

Product	Version	Remediation
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src	—	Vendor Fix fix Workaround

Known not affected 80 products

Product	Version	Remediation
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src	—	Workaround

Threats

Impact Moderate

CVE-2024-56201

A flaw was found in the Jinja2 package. A bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of Jinja's sandbox being used. An attacker needs to be able to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications that execute untrusted templates where the template author can also choose the template filename.

7.3 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE-150 - Improper Neutralization of Escape, Meta, or Control Sequences

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src	—	Vendor Fix fix Workaround

Known not affected 60 products

Product	Version	Remediation
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch	—	Workaround
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch	—	Workaround
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src	—	Workaround

Threats

Impact Important

CVE-2024-56326

A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications that execute untrusted templates. Jinja's sandbox does catch calls to str.format and ensures they don't escape the sandbox. However, storing a reference to a malicious string's format method is possible, then passing that to a filter that calls it. No such filters are built into Jinja but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox.

6.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

CWE-94 - Improper Control of Generation of Code ('Code Injection')

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64	—	Vendor Fix fix
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src	—	Vendor Fix fix
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src	—	Vendor Fix fix
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64	—	Vendor Fix fix
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src	—	Vendor Fix fix
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64	—	Vendor Fix fix
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x	—	Vendor Fix fix
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64	—	Vendor Fix fix
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch	—	Vendor Fix fix
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src	—	Vendor Fix fix
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch	—	Vendor Fix fix
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src	—	Vendor Fix fix
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64	—	Vendor Fix fix
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x	—	Vendor Fix fix
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64	—	Vendor Fix fix
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch	—	Vendor Fix fix
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src	—	Vendor Fix fix

Known not affected 60 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src		—

Threats

Impact Moderate

CVE-2024-56374

A flaw was found in the Django framework. Lack of upper bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial of service attack. The undocumented and private functions `clean_ipv6_address` and `is_valid_ipv6_address` were vulnerable, as was the `django.forms.GenericIPAddressField` form field, which has now been updated to define a `max_length` of 39 characters.

5.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 24 products

Product	Version	Remediation
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64	—	Vendor Fix fix
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src	—	Vendor Fix fix
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64	—	Vendor Fix fix
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x	—	Vendor Fix fix
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64	—	Vendor Fix fix
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch	—	Vendor Fix fix
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src	—	Vendor Fix fix
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64	—	Vendor Fix fix
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x	—	Vendor Fix fix
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64	—	Vendor Fix fix
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch	—	Vendor Fix fix
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src	—	Vendor Fix fix
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64	—	Vendor Fix fix
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x	—	Vendor Fix fix
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64	—	Vendor Fix fix
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch	—	Vendor Fix fix
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src	—	Vendor Fix fix

Known not affected 64 products

Product	Identifier	Version	Remediation
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch		—
Unresolved product id: 8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch		—
Unresolved product id: 9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src		—

Threats

Impact Moderate

References

34 references

URL	Category
https://access.redhat.com/errata/RHSA-2025:0777	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2329288	external
https://bugzilla.redhat.com/show_bug.cgi?id=2333854	external
https://bugzilla.redhat.com/show_bug.cgi?id=2333856	external
https://bugzilla.redhat.com/show_bug.cgi?id=2337996	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2024-53907	self
https://bugzilla.redhat.com/show_bug.cgi?id=2329288	external
https://www.cve.org/CVERecord?id=CVE-2024-53907	external
https://nvd.nist.gov/vuln/detail/CVE-2024-53907	external
https://www.djangoproject.com/weblog/2024/dec/04/…	external
https://access.redhat.com/security/cve/CVE-2024-56201	self
https://bugzilla.redhat.com/show_bug.cgi?id=2333854	external
https://www.cve.org/CVERecord?id=CVE-2024-56201	external
https://nvd.nist.gov/vuln/detail/CVE-2024-56201	external
https://github.com/pallets/jinja/commit/767b23617…	external
https://github.com/pallets/jinja/issues/1792	external
https://github.com/pallets/jinja/releases/tag/3.1.5	external
https://github.com/pallets/jinja/security/advisor…	external
https://access.redhat.com/security/cve/CVE-2024-56326	self
https://bugzilla.redhat.com/show_bug.cgi?id=2333856	external
https://www.cve.org/CVERecord?id=CVE-2024-56326	external
https://nvd.nist.gov/vuln/detail/CVE-2024-56326	external
https://github.com/pallets/jinja/commit/48b0687e0…	external
https://github.com/pallets/jinja/security/advisor…	external
https://access.redhat.com/security/cve/CVE-2024-56374	self
https://bugzilla.redhat.com/show_bug.cgi?id=2337996	external
https://www.cve.org/CVERecord?id=CVE-2024-56374	external
https://nvd.nist.gov/vuln/detail/CVE-2024-56374	external
http://www.openwall.com/lists/oss-security/2025/01/14/2	external
https://docs.djangoproject.com/en/dev/releases/se…	external
https://groups.google.com/g/django-announce	external
https://www.djangoproject.com/weblog/2025/jan/14/…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat Ansible Automation Platform 2.5\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.\n\nSecurity Fix(es):\n\n* automation-controller: Jinja has a sandbox breakout through indirect reference to format method (CVE-2024-56326)\n* automation-controller: Jinja has a sandbox breakout through malicious filenames (CVE-2024-56201)\n* automation-controller: Django: potential denial-of-service vulnerability in IPv6 validation (CVE-2024-56374)\n* python3.11-django: potential denial-of-service vulnerability in IPv6 validation (CVE-2024-56374)\n* python3.11-django: Potential denial-of-service in django.utils.html.strip_tags() (CVE-2024-53907)\n* python3.11-jinja2: Jinja has a sandbox breakout through indirect reference to format method (CVE-2024-56326)\n* python3.11-jinja2: Jinja has a sandbox breakout through malicious filenames (CVE-2024-56201)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nUpdates and fixes included:\n\nAutomation controller\n* Fixed an issue where the order of source inventories was not respected by the ansible.controller collection (AAP-38524)\n* Fixed an issue where an actively running job on an execution node may have had its folder deleted by a system task (AAP-38137)\n* automation-controller has been updated to 4.6.7\n\nEvent-Driven Ansible:\n* Fixed an issue where users were unable to filter Rule Audits by rulebook activation name (AAP-39253)\n* Users are now able to create a new Event-Driven Ansible credential by copying an existing one (AAP-39249)\n* Added support for file and env injectors for Credentials (AAP-39091)\n* Fixed an issue where the input field of the injector configuration could not be empty (AAP-39086)\n* Fixed an issue where the application version in the openapi spec was incorrectly set (AAP-38392)\n* Fixed an issue where activations were not properly updated in some scenarios with a high load of the system (AAP-38374)\n* automation-eda-controller has been updated to 1.1.4\n\nContainer-based Ansible Automation Platform\n* Allow user to not provide the Postgresql admin account with external database (AAP-39077)\n* Using PostgreSQL TLS certificate authentication with an external database is now available (AAP-38400)\n* containerized installer setup has been updated to 2.5-9\n\nRPM-based Ansible Automation Platform\n* Fixed an issue where gateway could not be setup with custom SSL certificates (AAP-38985)\n* Fixed an issue where the gateway services are not restarted when a dependency changes (AAP-38918)\n* Fixed an issue where setting automationedacontroller_max_running_activations could cause the installer to fail (AAP-38708)\n* ansible-automation-platform-installer and installer setup have been updated to 2.5-8\n\nAdditional changes:\n* python3.11-django has been updated to 4.2.18\n* python3.11-jinja2 has been updated to 3.1.5\n* python3.11-pulpcore has been updated to 3.49.30",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2025:0777",
        "url": "https://access.redhat.com/errata/RHSA-2025:0777"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2329288",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2329288"
      },
      {
        "category": "external",
        "summary": "2333854",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333854"
      },
      {
        "category": "external",
        "summary": "2333856",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333856"
      },
      {
        "category": "external",
        "summary": "2337996",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2337996"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_0777.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update",
    "tracking": {
      "current_release_date": "2026-04-28T01:28:27+00:00",
      "generator": {
        "date": "2026-04-28T01:28:27+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.7.5"
        }
      },
      "id": "RHSA-2025:0777",
      "initial_release_date": "2025-01-28T19:20:06+00:00",
      "revision_history": [
        {
          "date": "2025-01-28T19:20:06+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-01-28T19:20:06+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-04-28T01:28:27+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
                "product": {
                  "name": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
                  "product_id": "9Base-Ansible-Automation-Platform-2.5",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:ansible_automation_platform:2.5::el9"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
                "product": {
                  "name": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
                  "product_id": "9Base-Ansible-Automation-Platform-2.5-Inside-1.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
                "product": {
                  "name": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
                  "product_id": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
                "product": {
                  "name": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
                  "product_id": "8Base-Ansible-Automation-Platform-2.5",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:ansible_automation_platform:2.5::el8"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
                "product": {
                  "name": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
                  "product_id": "8Base-Ansible-Automation-Platform-2.5-Inside-1.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
                "product": {
                  "name": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
                  "product_id": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Ansible Automation Platform"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "python3.11-jinja2-0:3.1.5-1.el9ap.src",
                "product": {
                  "name": "python3.11-jinja2-0:3.1.5-1.el9ap.src",
                  "product_id": "python3.11-jinja2-0:3.1.5-1.el9ap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python3.11-jinja2@3.1.5-1.el9ap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python3.11-django-0:4.2.18-1.el9ap.src",
                "product": {
                  "name": "python3.11-django-0:4.2.18-1.el9ap.src",
                  "product_id": "python3.11-django-0:4.2.18-1.el9ap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python3.11-django@4.2.18-1.el9ap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python3.11-pulpcore-0:3.49.30-1.el9ap.src",
                "product": {
                  "name": "python3.11-pulpcore-0:3.49.30-1.el9ap.src",
                  "product_id": "python3.11-pulpcore-0:3.49.30-1.el9ap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python3.11-pulpcore@3.49.30-1.el9ap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-eda-controller-0:1.1.4-1.el9ap.src",
                "product": {
                  "name": "automation-eda-controller-0:1.1.4-1.el9ap.src",
                  "product_id": "automation-eda-controller-0:1.1.4-1.el9ap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-eda-controller@1.1.4-1.el9ap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-controller-0:4.6.7-1.el9ap.src",
                "product": {
                  "name": "automation-controller-0:4.6.7-1.el9ap.src",
                  "product_id": "automation-controller-0:4.6.7-1.el9ap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-controller@4.6.7-1.el9ap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform-installer-0:2.5-8.el9ap.src",
                "product": {
                  "name": "ansible-automation-platform-installer-0:2.5-8.el9ap.src",
                  "product_id": "ansible-automation-platform-installer-0:2.5-8.el9ap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ansible-automation-platform-installer@2.5-8.el9ap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python3.11-jinja2-0:3.1.5-1.el8ap.src",
                "product": {
                  "name": "python3.11-jinja2-0:3.1.5-1.el8ap.src",
                  "product_id": "python3.11-jinja2-0:3.1.5-1.el8ap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python3.11-jinja2@3.1.5-1.el8ap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python3.11-django-0:4.2.18-1.el8ap.src",
                "product": {
                  "name": "python3.11-django-0:4.2.18-1.el8ap.src",
                  "product_id": "python3.11-django-0:4.2.18-1.el8ap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python3.11-django@4.2.18-1.el8ap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python3.11-pulpcore-0:3.49.30-1.el8ap.src",
                "product": {
                  "name": "python3.11-pulpcore-0:3.49.30-1.el8ap.src",
                  "product_id": "python3.11-pulpcore-0:3.49.30-1.el8ap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python3.11-pulpcore@3.49.30-1.el8ap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-eda-controller-0:1.1.4-1.el8ap.src",
                "product": {
                  "name": "automation-eda-controller-0:1.1.4-1.el8ap.src",
                  "product_id": "automation-eda-controller-0:1.1.4-1.el8ap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-eda-controller@1.1.4-1.el8ap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-controller-0:4.6.7-1.el8ap.src",
                "product": {
                  "name": "automation-controller-0:4.6.7-1.el8ap.src",
                  "product_id": "automation-controller-0:4.6.7-1.el8ap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-controller@4.6.7-1.el8ap?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform-installer-0:2.5-8.el8ap.src",
                "product": {
                  "name": "ansible-automation-platform-installer-0:2.5-8.el8ap.src",
                  "product_id": "ansible-automation-platform-installer-0:2.5-8.el8ap.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ansible-automation-platform-installer@2.5-8.el8ap?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
                "product": {
                  "name": "python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
                  "product_id": "python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python3.11-jinja2@3.1.5-1.el9ap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python3.11-django-0:4.2.18-1.el9ap.noarch",
                "product": {
                  "name": "python3.11-django-0:4.2.18-1.el9ap.noarch",
                  "product_id": "python3.11-django-0:4.2.18-1.el9ap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python3.11-django@4.2.18-1.el9ap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python3.11-pulpcore-0:3.49.30-1.el9ap.noarch",
                "product": {
                  "name": "python3.11-pulpcore-0:3.49.30-1.el9ap.noarch",
                  "product_id": "python3.11-pulpcore-0:3.49.30-1.el9ap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python3.11-pulpcore@3.49.30-1.el9ap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-eda-controller-0:1.1.4-1.el9ap.noarch",
                "product": {
                  "name": "automation-eda-controller-0:1.1.4-1.el9ap.noarch",
                  "product_id": "automation-eda-controller-0:1.1.4-1.el9ap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-eda-controller@1.1.4-1.el9ap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-eda-controller-base-0:1.1.4-1.el9ap.noarch",
                "product": {
                  "name": "automation-eda-controller-base-0:1.1.4-1.el9ap.noarch",
                  "product_id": "automation-eda-controller-base-0:1.1.4-1.el9ap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-eda-controller-base@1.1.4-1.el9ap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch",
                "product": {
                  "name": "automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch",
                  "product_id": "automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-eda-controller-base-services@1.1.4-1.el9ap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch",
                "product": {
                  "name": "automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch",
                  "product_id": "automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-eda-controller-event-stream-services@1.1.4-1.el9ap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch",
                "product": {
                  "name": "automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch",
                  "product_id": "automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-eda-controller-worker-services@1.1.4-1.el9ap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-controller-cli-0:4.6.7-1.el9ap.noarch",
                "product": {
                  "name": "automation-controller-cli-0:4.6.7-1.el9ap.noarch",
                  "product_id": "automation-controller-cli-0:4.6.7-1.el9ap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-controller-cli@4.6.7-1.el9ap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-controller-server-0:4.6.7-1.el9ap.noarch",
                "product": {
                  "name": "automation-controller-server-0:4.6.7-1.el9ap.noarch",
                  "product_id": "automation-controller-server-0:4.6.7-1.el9ap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-controller-server@4.6.7-1.el9ap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-controller-ui-0:4.6.7-1.el9ap.noarch",
                "product": {
                  "name": "automation-controller-ui-0:4.6.7-1.el9ap.noarch",
                  "product_id": "automation-controller-ui-0:4.6.7-1.el9ap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-controller-ui@4.6.7-1.el9ap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform-installer-0:2.5-8.el9ap.noarch",
                "product": {
                  "name": "ansible-automation-platform-installer-0:2.5-8.el9ap.noarch",
                  "product_id": "ansible-automation-platform-installer-0:2.5-8.el9ap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ansible-automation-platform-installer@2.5-8.el9ap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
                "product": {
                  "name": "python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
                  "product_id": "python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python3.11-jinja2@3.1.5-1.el8ap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python3.11-django-0:4.2.18-1.el8ap.noarch",
                "product": {
                  "name": "python3.11-django-0:4.2.18-1.el8ap.noarch",
                  "product_id": "python3.11-django-0:4.2.18-1.el8ap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python3.11-django@4.2.18-1.el8ap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python3.11-pulpcore-0:3.49.30-1.el8ap.noarch",
                "product": {
                  "name": "python3.11-pulpcore-0:3.49.30-1.el8ap.noarch",
                  "product_id": "python3.11-pulpcore-0:3.49.30-1.el8ap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python3.11-pulpcore@3.49.30-1.el8ap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-eda-controller-0:1.1.4-1.el8ap.noarch",
                "product": {
                  "name": "automation-eda-controller-0:1.1.4-1.el8ap.noarch",
                  "product_id": "automation-eda-controller-0:1.1.4-1.el8ap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-eda-controller@1.1.4-1.el8ap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-eda-controller-base-0:1.1.4-1.el8ap.noarch",
                "product": {
                  "name": "automation-eda-controller-base-0:1.1.4-1.el8ap.noarch",
                  "product_id": "automation-eda-controller-base-0:1.1.4-1.el8ap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-eda-controller-base@1.1.4-1.el8ap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch",
                "product": {
                  "name": "automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch",
                  "product_id": "automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-eda-controller-base-services@1.1.4-1.el8ap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch",
                "product": {
                  "name": "automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch",
                  "product_id": "automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-eda-controller-event-stream-services@1.1.4-1.el8ap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch",
                "product": {
                  "name": "automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch",
                  "product_id": "automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-eda-controller-worker-services@1.1.4-1.el8ap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-controller-cli-0:4.6.7-1.el8ap.noarch",
                "product": {
                  "name": "automation-controller-cli-0:4.6.7-1.el8ap.noarch",
                  "product_id": "automation-controller-cli-0:4.6.7-1.el8ap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-controller-cli@4.6.7-1.el8ap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-controller-server-0:4.6.7-1.el8ap.noarch",
                "product": {
                  "name": "automation-controller-server-0:4.6.7-1.el8ap.noarch",
                  "product_id": "automation-controller-server-0:4.6.7-1.el8ap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-controller-server@4.6.7-1.el8ap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-controller-ui-0:4.6.7-1.el8ap.noarch",
                "product": {
                  "name": "automation-controller-ui-0:4.6.7-1.el8ap.noarch",
                  "product_id": "automation-controller-ui-0:4.6.7-1.el8ap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-controller-ui@4.6.7-1.el8ap?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-automation-platform-installer-0:2.5-8.el8ap.noarch",
                "product": {
                  "name": "ansible-automation-platform-installer-0:2.5-8.el8ap.noarch",
                  "product_id": "ansible-automation-platform-installer-0:2.5-8.el8ap.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ansible-automation-platform-installer@2.5-8.el8ap?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "automation-controller-0:4.6.7-1.el9ap.x86_64",
                "product": {
                  "name": "automation-controller-0:4.6.7-1.el9ap.x86_64",
                  "product_id": "automation-controller-0:4.6.7-1.el9ap.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-controller@4.6.7-1.el9ap?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
                "product": {
                  "name": "automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
                  "product_id": "automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.6.7-1.el9ap?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-controller-0:4.6.7-1.el8ap.x86_64",
                "product": {
                  "name": "automation-controller-0:4.6.7-1.el8ap.x86_64",
                  "product_id": "automation-controller-0:4.6.7-1.el8ap.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-controller@4.6.7-1.el8ap?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
                "product": {
                  "name": "automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
                  "product_id": "automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.6.7-1.el8ap?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "automation-controller-0:4.6.7-1.el9ap.ppc64le",
                "product": {
                  "name": "automation-controller-0:4.6.7-1.el9ap.ppc64le",
                  "product_id": "automation-controller-0:4.6.7-1.el9ap.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-controller@4.6.7-1.el9ap?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
                "product": {
                  "name": "automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
                  "product_id": "automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.6.7-1.el9ap?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-controller-0:4.6.7-1.el8ap.ppc64le",
                "product": {
                  "name": "automation-controller-0:4.6.7-1.el8ap.ppc64le",
                  "product_id": "automation-controller-0:4.6.7-1.el8ap.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-controller@4.6.7-1.el8ap?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
                "product": {
                  "name": "automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
                  "product_id": "automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.6.7-1.el8ap?arch=ppc64le"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "automation-controller-0:4.6.7-1.el9ap.s390x",
                "product": {
                  "name": "automation-controller-0:4.6.7-1.el9ap.s390x",
                  "product_id": "automation-controller-0:4.6.7-1.el9ap.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-controller@4.6.7-1.el9ap?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
                "product": {
                  "name": "automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
                  "product_id": "automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.6.7-1.el9ap?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-controller-0:4.6.7-1.el8ap.s390x",
                "product": {
                  "name": "automation-controller-0:4.6.7-1.el8ap.s390x",
                  "product_id": "automation-controller-0:4.6.7-1.el8ap.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-controller@4.6.7-1.el8ap?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
                "product": {
                  "name": "automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
                  "product_id": "automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.6.7-1.el8ap?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "automation-controller-0:4.6.7-1.el9ap.aarch64",
                "product": {
                  "name": "automation-controller-0:4.6.7-1.el9ap.aarch64",
                  "product_id": "automation-controller-0:4.6.7-1.el9ap.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-controller@4.6.7-1.el9ap?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
                "product": {
                  "name": "automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
                  "product_id": "automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.6.7-1.el9ap?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-controller-0:4.6.7-1.el8ap.aarch64",
                "product": {
                  "name": "automation-controller-0:4.6.7-1.el8ap.aarch64",
                  "product_id": "automation-controller-0:4.6.7-1.el8ap.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-controller@4.6.7-1.el8ap?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
                "product": {
                  "name": "automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
                  "product_id": "automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.6.7-1.el8ap?arch=aarch64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-0:4.6.7-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64"
        },
        "product_reference": "automation-controller-0:4.6.7-1.el8ap.aarch64",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-0:4.6.7-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le"
        },
        "product_reference": "automation-controller-0:4.6.7-1.el8ap.ppc64le",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-0:4.6.7-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x"
        },
        "product_reference": "automation-controller-0:4.6.7-1.el8ap.s390x",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-0:4.6.7-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src"
        },
        "product_reference": "automation-controller-0:4.6.7-1.el8ap.src",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-0:4.6.7-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64"
        },
        "product_reference": "automation-controller-0:4.6.7-1.el8ap.x86_64",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-cli-0:4.6.7-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch"
        },
        "product_reference": "automation-controller-cli-0:4.6.7-1.el8ap.noarch",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-server-0:4.6.7-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch"
        },
        "product_reference": "automation-controller-server-0:4.6.7-1.el8ap.noarch",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-ui-0:4.6.7-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch"
        },
        "product_reference": "automation-controller-ui-0:4.6.7-1.el8ap.noarch",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64"
        },
        "product_reference": "automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le"
        },
        "product_reference": "automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x"
        },
        "product_reference": "automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64"
        },
        "product_reference": "automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3.11-django-0:4.2.18-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch"
        },
        "product_reference": "python3.11-django-0:4.2.18-1.el8ap.noarch",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3.11-django-0:4.2.18-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src"
        },
        "product_reference": "python3.11-django-0:4.2.18-1.el8ap.src",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3.11-jinja2-0:3.1.5-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch"
        },
        "product_reference": "python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3.11-jinja2-0:3.1.5-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src"
        },
        "product_reference": "python3.11-jinja2-0:3.1.5-1.el8ap.src",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3.11-jinja2-0:3.1.5-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch"
        },
        "product_reference": "python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5-Inside-1.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3.11-jinja2-0:3.1.5-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src"
        },
        "product_reference": "python3.11-jinja2-0:3.1.5-1.el8ap.src",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5-Inside-1.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform-installer-0:2.5-8.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch"
        },
        "product_reference": "ansible-automation-platform-installer-0:2.5-8.el8ap.noarch",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform-installer-0:2.5-8.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src"
        },
        "product_reference": "ansible-automation-platform-installer-0:2.5-8.el8ap.src",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-0:4.6.7-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64"
        },
        "product_reference": "automation-controller-0:4.6.7-1.el8ap.aarch64",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-0:4.6.7-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le"
        },
        "product_reference": "automation-controller-0:4.6.7-1.el8ap.ppc64le",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-0:4.6.7-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x"
        },
        "product_reference": "automation-controller-0:4.6.7-1.el8ap.s390x",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-0:4.6.7-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src"
        },
        "product_reference": "automation-controller-0:4.6.7-1.el8ap.src",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-0:4.6.7-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64"
        },
        "product_reference": "automation-controller-0:4.6.7-1.el8ap.x86_64",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-cli-0:4.6.7-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch"
        },
        "product_reference": "automation-controller-cli-0:4.6.7-1.el8ap.noarch",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-server-0:4.6.7-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch"
        },
        "product_reference": "automation-controller-server-0:4.6.7-1.el8ap.noarch",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-ui-0:4.6.7-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch"
        },
        "product_reference": "automation-controller-ui-0:4.6.7-1.el8ap.noarch",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64"
        },
        "product_reference": "automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le"
        },
        "product_reference": "automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x"
        },
        "product_reference": "automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64"
        },
        "product_reference": "automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-eda-controller-0:1.1.4-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch"
        },
        "product_reference": "automation-eda-controller-0:1.1.4-1.el8ap.noarch",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-eda-controller-0:1.1.4-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src"
        },
        "product_reference": "automation-eda-controller-0:1.1.4-1.el8ap.src",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-eda-controller-base-0:1.1.4-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch"
        },
        "product_reference": "automation-eda-controller-base-0:1.1.4-1.el8ap.noarch",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch"
        },
        "product_reference": "automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch"
        },
        "product_reference": "automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch"
        },
        "product_reference": "automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3.11-django-0:4.2.18-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch"
        },
        "product_reference": "python3.11-django-0:4.2.18-1.el8ap.noarch",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3.11-django-0:4.2.18-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src"
        },
        "product_reference": "python3.11-django-0:4.2.18-1.el8ap.src",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3.11-jinja2-0:3.1.5-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch"
        },
        "product_reference": "python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3.11-jinja2-0:3.1.5-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src"
        },
        "product_reference": "python3.11-jinja2-0:3.1.5-1.el8ap.src",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3.11-pulpcore-0:3.49.30-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch"
        },
        "product_reference": "python3.11-pulpcore-0:3.49.30-1.el8ap.noarch",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3.11-pulpcore-0:3.49.30-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "product_id": "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src"
        },
        "product_reference": "python3.11-pulpcore-0:3.49.30-1.el8ap.src",
        "relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-0:4.6.7-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64"
        },
        "product_reference": "automation-controller-0:4.6.7-1.el9ap.aarch64",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-0:4.6.7-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le"
        },
        "product_reference": "automation-controller-0:4.6.7-1.el9ap.ppc64le",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-0:4.6.7-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x"
        },
        "product_reference": "automation-controller-0:4.6.7-1.el9ap.s390x",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-0:4.6.7-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src"
        },
        "product_reference": "automation-controller-0:4.6.7-1.el9ap.src",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-0:4.6.7-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64"
        },
        "product_reference": "automation-controller-0:4.6.7-1.el9ap.x86_64",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-cli-0:4.6.7-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch"
        },
        "product_reference": "automation-controller-cli-0:4.6.7-1.el9ap.noarch",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-server-0:4.6.7-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch"
        },
        "product_reference": "automation-controller-server-0:4.6.7-1.el9ap.noarch",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-ui-0:4.6.7-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch"
        },
        "product_reference": "automation-controller-ui-0:4.6.7-1.el9ap.noarch",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64"
        },
        "product_reference": "automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le"
        },
        "product_reference": "automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x"
        },
        "product_reference": "automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64"
        },
        "product_reference": "automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3.11-django-0:4.2.18-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch"
        },
        "product_reference": "python3.11-django-0:4.2.18-1.el9ap.noarch",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3.11-django-0:4.2.18-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src"
        },
        "product_reference": "python3.11-django-0:4.2.18-1.el9ap.src",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3.11-jinja2-0:3.1.5-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch"
        },
        "product_reference": "python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3.11-jinja2-0:3.1.5-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src"
        },
        "product_reference": "python3.11-jinja2-0:3.1.5-1.el9ap.src",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5-Developer-1.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3.11-jinja2-0:3.1.5-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch"
        },
        "product_reference": "python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5-Inside-1.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3.11-jinja2-0:3.1.5-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src"
        },
        "product_reference": "python3.11-jinja2-0:3.1.5-1.el9ap.src",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5-Inside-1.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform-installer-0:2.5-8.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch"
        },
        "product_reference": "ansible-automation-platform-installer-0:2.5-8.el9ap.noarch",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-automation-platform-installer-0:2.5-8.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src"
        },
        "product_reference": "ansible-automation-platform-installer-0:2.5-8.el9ap.src",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-0:4.6.7-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64"
        },
        "product_reference": "automation-controller-0:4.6.7-1.el9ap.aarch64",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-0:4.6.7-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le"
        },
        "product_reference": "automation-controller-0:4.6.7-1.el9ap.ppc64le",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-0:4.6.7-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x"
        },
        "product_reference": "automation-controller-0:4.6.7-1.el9ap.s390x",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-0:4.6.7-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src"
        },
        "product_reference": "automation-controller-0:4.6.7-1.el9ap.src",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-0:4.6.7-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64"
        },
        "product_reference": "automation-controller-0:4.6.7-1.el9ap.x86_64",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-cli-0:4.6.7-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch"
        },
        "product_reference": "automation-controller-cli-0:4.6.7-1.el9ap.noarch",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-server-0:4.6.7-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch"
        },
        "product_reference": "automation-controller-server-0:4.6.7-1.el9ap.noarch",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-ui-0:4.6.7-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch"
        },
        "product_reference": "automation-controller-ui-0:4.6.7-1.el9ap.noarch",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64"
        },
        "product_reference": "automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le"
        },
        "product_reference": "automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x"
        },
        "product_reference": "automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64"
        },
        "product_reference": "automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-eda-controller-0:1.1.4-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch"
        },
        "product_reference": "automation-eda-controller-0:1.1.4-1.el9ap.noarch",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-eda-controller-0:1.1.4-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src"
        },
        "product_reference": "automation-eda-controller-0:1.1.4-1.el9ap.src",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-eda-controller-base-0:1.1.4-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch"
        },
        "product_reference": "automation-eda-controller-base-0:1.1.4-1.el9ap.noarch",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch"
        },
        "product_reference": "automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch"
        },
        "product_reference": "automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch"
        },
        "product_reference": "automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3.11-django-0:4.2.18-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch"
        },
        "product_reference": "python3.11-django-0:4.2.18-1.el9ap.noarch",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3.11-django-0:4.2.18-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src"
        },
        "product_reference": "python3.11-django-0:4.2.18-1.el9ap.src",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3.11-jinja2-0:3.1.5-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch"
        },
        "product_reference": "python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3.11-jinja2-0:3.1.5-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src"
        },
        "product_reference": "python3.11-jinja2-0:3.1.5-1.el9ap.src",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3.11-pulpcore-0:3.49.30-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch"
        },
        "product_reference": "python3.11-pulpcore-0:3.49.30-1.el9ap.noarch",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3.11-pulpcore-0:3.49.30-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "product_id": "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src"
        },
        "product_reference": "python3.11-pulpcore-0:3.49.30-1.el9ap.src",
        "relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-53907",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2024-11-28T02:48:36.215000+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2329288"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the Django Web Framework. The strip_tags() and stripbtags template filter may be vulnerable to a potential denial of service (DoS) in cases of a large sequence of nested incomplete HTML entities.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "django: Potential denial-of-service in django.utils.html.strip_tags()",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated as a Moderate severity because it exposes the strip_tags() method and striptags template filter to a potential denial-of-service attack, malicious input containing large sequences of nested incomplete HTML entities could cause excessive processing, but it does not affect data confidentiality or integrity",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src"
        ],
        "known_not_affected": [
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
          "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
          "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-53907"
        },
        {
          "category": "external",
          "summary": "RHBZ#2329288",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2329288"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-53907",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-53907"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-53907",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53907"
        },
        {
          "category": "external",
          "summary": "https://www.djangoproject.com/weblog/2024/dec/04/security-releases/",
          "url": "https://www.djangoproject.com/weblog/2024/dec/04/security-releases/"
        }
      ],
      "release_date": "2024-12-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-01-28T19:20:06+00:00",
          "details": "Red Hat Ansible Automation Platform",
          "product_ids": [
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:0777"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "django: Potential denial-of-service in django.utils.html.strip_tags()"
    },
    {
      "cve": "CVE-2024-56201",
      "cwe": {
        "id": "CWE-150",
        "name": "Improper Neutralization of Escape, Meta, or Control Sequences"
      },
      "discovery_date": "2024-12-23T16:00:38.768252+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2333854"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Jinja2 package. A bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of Jinja\u0027s sandbox being used. An attacker needs to be able to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications that execute untrusted templates where the template author can also choose the template filename.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jinja2: Jinja has a sandbox breakout through malicious filenames",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability has rated as a IMPORTANT flaw because an attacker controlling both the template content and filename to execute arbitrary Python code, bypassing the sandbox.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
          "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
          "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src"
        ],
        "known_not_affected": [
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-56201"
        },
        {
          "category": "external",
          "summary": "RHBZ#2333854",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333854"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-56201",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-56201"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-56201",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56201"
        },
        {
          "category": "external",
          "summary": "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f",
          "url": "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f"
        },
        {
          "category": "external",
          "summary": "https://github.com/pallets/jinja/issues/1792",
          "url": "https://github.com/pallets/jinja/issues/1792"
        },
        {
          "category": "external",
          "summary": "https://github.com/pallets/jinja/releases/tag/3.1.5",
          "url": "https://github.com/pallets/jinja/releases/tag/3.1.5"
        },
        {
          "category": "external",
          "summary": "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699",
          "url": "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699"
        }
      ],
      "release_date": "2024-12-23T15:37:36.110000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-01-28T19:20:06+00:00",
          "details": "Red Hat Ansible Automation Platform",
          "product_ids": [
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:0777"
        },
        {
          "category": "workaround",
          "details": "To mitigate this vulnerabilty restrict user-controlled template filenames, ensuring they follow a predefined templates.",
          "product_ids": [
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jinja2: Jinja has a sandbox breakout through malicious filenames"
    },
    {
      "cve": "CVE-2024-56326",
      "cwe": {
        "id": "CWE-94",
        "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
      },
      "discovery_date": "2024-12-23T16:00:46.619763+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2333856"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications that execute untrusted templates. Jinja\u0027s sandbox does catch calls to str.format and ensures they don\u0027t escape the sandbox. However, storing a reference to a malicious string\u0027s format method is possible, then passing that to a filter that calls it. No such filters are built into Jinja but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jinja2: Jinja has a sandbox breakout through indirect reference to format method",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated as Moderate due to an oversight in Jinja\u0027s sandbox environment, allowing attackers to execute arbitrary Python code through controlled template content. This requires control over template content, making exploitation possible only in specific applications, thus limiting its overall impact.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
          "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
          "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src"
        ],
        "known_not_affected": [
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-56326"
        },
        {
          "category": "external",
          "summary": "RHBZ#2333856",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333856"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-56326",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-56326"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-56326",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56326"
        },
        {
          "category": "external",
          "summary": "https://github.com/pallets/jinja/commit/48b0687e05a5466a91cd5812d604fa37ad0943b4",
          "url": "https://github.com/pallets/jinja/commit/48b0687e05a5466a91cd5812d604fa37ad0943b4"
        },
        {
          "category": "external",
          "summary": "https://github.com/pallets/jinja/releases/tag/3.1.5",
          "url": "https://github.com/pallets/jinja/releases/tag/3.1.5"
        },
        {
          "category": "external",
          "summary": "https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h",
          "url": "https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h"
        }
      ],
      "release_date": "2024-12-23T15:43:49.400000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-01-28T19:20:06+00:00",
          "details": "Red Hat Ansible Automation Platform",
          "product_ids": [
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:0777"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jinja2: Jinja has a sandbox breakout through indirect reference to format method"
    },
    {
      "cve": "CVE-2024-56374",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2025-01-14T20:01:09.167282+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2337996"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Django framework. Lack of upper bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial of service attack. The undocumented and private functions `clean_ipv6_address` and `is_valid_ipv6_address` were vulnerable, as was the `django.forms.GenericIPAddressField` form field, which has now been updated to define a `max_length` of 39 characters.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "django: potential denial-of-service vulnerability in IPv6 validation",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
          "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
          "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src"
        ],
        "known_not_affected": [
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src",
          "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch",
          "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src",
          "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch",
          "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-56374"
        },
        {
          "category": "external",
          "summary": "RHBZ#2337996",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2337996"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-56374",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-56374"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-56374",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56374"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2025/01/14/2",
          "url": "http://www.openwall.com/lists/oss-security/2025/01/14/2"
        },
        {
          "category": "external",
          "summary": "https://docs.djangoproject.com/en/dev/releases/security/",
          "url": "https://docs.djangoproject.com/en/dev/releases/security/"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/django-announce",
          "url": "https://groups.google.com/g/django-announce"
        },
        {
          "category": "external",
          "summary": "https://www.djangoproject.com/weblog/2025/jan/14/security-releases/",
          "url": "https://www.djangoproject.com/weblog/2025/jan/14/security-releases/"
        }
      ],
      "release_date": "2025-01-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-01-28T19:20:06+00:00",
          "details": "Red Hat Ansible Automation Platform",
          "product_ids": [
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:0777"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x",
            "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch",
            "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x",
            "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch",
            "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "django: potential denial-of-service vulnerability in IPv6 validation"
    }
  ]
}

CVE-2024-53907 (GCVE-0-2024-53907)

Vulnerability from cvelistv5 – Published: 2024-12-06 00:00 – Updated: 2024-12-31 18:03

Summary

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The strip_tags() method and striptags template filter are subject to a potential denial-of-service attack via certain inputs containing large sequences of nested incomplete HTML entities.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

Assigner

mitre

References

3 references

URL	Tags
https://docs.djangoproject.com/en/dev/releases/se…
https://groups.google.com/g/django-announce
https://www.openwall.com/lists/oss-security/2024/…

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "django",
            "vendor": "djangoproject",
            "versions": [
              {
                "lessThan": "5.1.4",
                "status": "affected",
                "version": "5.1",
                "versionType": "custom"
              },
              {
                "lessThan": "5.0.10",
                "status": "affected",
                "version": "5.0",
                "versionType": "custom"
              },
              {
                "lessThan": "4.2.17",
                "status": "affected",
                "version": "4.2",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-53907",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-06T16:22:53.268908Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-770",
                "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-06T16:25:24.421Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-12-31T18:03:11.347Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00028.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The strip_tags() method and striptags template filter are subject to a potential denial-of-service attack via certain inputs containing large sequences of nested incomplete HTML entities."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-06T11:42:27.713Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://docs.djangoproject.com/en/dev/releases/security/"
        },
        {
          "url": "https://groups.google.com/g/django-announce"
        },
        {
          "url": "https://www.openwall.com/lists/oss-security/2024/12/04/3"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2024-53907",
    "datePublished": "2024-12-06T00:00:00.000Z",
    "dateReserved": "2024-11-24T00:00:00.000Z",
    "dateUpdated": "2024-12-31T18:03:11.347Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-56201 (GCVE-0-2024-56201)

Vulnerability from cvelistv5 – Published: 2024-12-23 15:37 – Updated: 2025-02-18 21:47

Title

Jinja has a sandbox breakout through malicious filenames

Summary

Jinja is an extensible templating engine. In versions on the 3.x branch prior to 3.1.5, a bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja's sandbox is used. To exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates where the template author can also choose the template filename. This vulnerability is fixed in 3.1.5.

Severity

5.4 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE

CWE-150 - Improper Neutralization of Escape, Meta, or Control Sequences

Assigner

GitHub_M

References

4 references

URL	Tags
https://github.com/pallets/jinja/security/advisor…	x_refsource_CONFIRM
https://github.com/pallets/jinja/issues/1792	x_refsource_MISC
https://github.com/pallets/jinja/commit/767b23617…	x_refsource_MISC
https://github.com/pallets/jinja/releases/tag/3.1.5	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
pallets	jinja	Affected: >= 3.0.0, < 3.1.5

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-56201",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-24T01:44:55.825619Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-18T21:47:42.763Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "jinja",
          "vendor": "pallets",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 3.0.0, \u003c 3.1.5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Jinja is an extensible templating engine. In versions on the 3.x branch prior to 3.1.5, a bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja\u0027s sandbox is used. To exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates where the template author can also choose the template filename. This vulnerability is fixed in 3.1.5."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "PASSIVE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-150",
              "description": "CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-08T16:06:29.739Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699"
        },
        {
          "name": "https://github.com/pallets/jinja/issues/1792",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/pallets/jinja/issues/1792"
        },
        {
          "name": "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f"
        },
        {
          "name": "https://github.com/pallets/jinja/releases/tag/3.1.5",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/pallets/jinja/releases/tag/3.1.5"
        }
      ],
      "source": {
        "advisory": "GHSA-gmj6-6f8f-6699",
        "discovery": "UNKNOWN"
      },
      "title": "Jinja has a sandbox breakout through malicious filenames"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-56201",
    "datePublished": "2024-12-23T15:37:36.110Z",
    "dateReserved": "2024-12-18T18:29:25.896Z",
    "dateUpdated": "2025-02-18T21:47:42.763Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-56326 (GCVE-0-2024-56326)

Vulnerability from cvelistv5 – Published: 2024-12-23 15:43 – Updated: 2025-11-03 19:32

Title

Jinja has a sandbox breakout through indirect reference to format method

Summary

Jinja is an extensible templating engine. Prior to 3.1.5, An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates. Jinja's sandbox does catch calls to str.format and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's format method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox. This vulnerability is fixed in 3.1.5.

Severity

5.4 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE

CWE-1336 - Improper Neutralization of Special Elements Used in a Template Engine
CWE-693 - Protection Mechanism Failure

Assigner

GitHub_M

References

3 references

URL	Tags
https://github.com/pallets/jinja/security/advisor…	x_refsource_CONFIRM
https://github.com/pallets/jinja/commit/48b0687e0…	x_refsource_MISC
https://github.com/pallets/jinja/releases/tag/3.1.5	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
pallets	jinja	Affected: < 3.1.5

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-56326",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-27T17:50:50.460995Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-27T17:54:33.724Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T19:32:16.045Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00022.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "jinja",
          "vendor": "pallets",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 3.1.5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Jinja is an extensible templating engine. Prior to 3.1.5, An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates. Jinja\u0027s sandbox does catch calls to str.format and ensures they don\u0027t escape the sandbox. However, it\u0027s possible to store a reference to a malicious string\u0027s format method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox. This vulnerability is fixed in 3.1.5."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "PASSIVE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1336",
              "description": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-693",
              "description": "CWE-693: Protection Mechanism Failure",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-23T15:43:49.400Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h"
        },
        {
          "name": "https://github.com/pallets/jinja/commit/48b0687e05a5466a91cd5812d604fa37ad0943b4",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/pallets/jinja/commit/48b0687e05a5466a91cd5812d604fa37ad0943b4"
        },
        {
          "name": "https://github.com/pallets/jinja/releases/tag/3.1.5",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/pallets/jinja/releases/tag/3.1.5"
        }
      ],
      "source": {
        "advisory": "GHSA-q2x7-8rv6-6q7h",
        "discovery": "UNKNOWN"
      },
      "title": "Jinja has a sandbox breakout through indirect reference to format method"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-56326",
    "datePublished": "2024-12-23T15:43:49.400Z",
    "dateReserved": "2024-12-19T18:34:22.764Z",
    "dateUpdated": "2025-11-03T19:32:16.045Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-56374 (GCVE-0-2024-56374)

Vulnerability from cvelistv5 – Published: 2025-01-14 00:00 – Updated: 2025-02-12 20:31

Summary

An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions clean_ipv6_address and is_valid_ipv6_address are vulnerable, as is the django.forms.GenericIPAddressField form field. (The django.db.models.GenericIPAddressField model field is not affected.)

Severity

5.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

CWE

CWE-770 - Allocation of Resources Without Limits or Throttling

Assigner

mitre

References

3 references

URL	Tags
https://docs.djangoproject.com/en/dev/releases/se…
https://groups.google.com/g/django-announce
https://www.djangoproject.com/weblog/2025/jan/14/…

Impacted products

1 product

Vendor	Product	Version
djangoproject	Django	Affected: 4.2 , < 4.2.18 (custom) Affected: 5.0 , < 5.0.11 (custom) Affected: 5.1 , < 5.1.5 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-01-23T18:03:28.376Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/01/14/2"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00024.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-56374",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-15T19:40:35.398718Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T20:31:20.698Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Django",
          "vendor": "djangoproject",
          "versions": [
            {
              "lessThan": "4.2.18",
              "status": "affected",
              "version": "4.2",
              "versionType": "custom"
            },
            {
              "lessThan": "5.0.11",
              "status": "affected",
              "version": "5.0",
              "versionType": "custom"
            },
            {
              "lessThan": "5.1.5",
              "status": "affected",
              "version": "5.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.2.18",
                  "versionStartIncluding": "4.2",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.0.11",
                  "versionStartIncluding": "5.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.1.5",
                  "versionStartIncluding": "5.1",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions clean_ipv6_address and is_valid_ipv6_address are vulnerable, as is the django.forms.GenericIPAddressField form field. (The django.db.models.GenericIPAddressField model field is not affected.)"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-14T19:07:03.855Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://docs.djangoproject.com/en/dev/releases/security/"
        },
        {
          "url": "https://groups.google.com/g/django-announce"
        },
        {
          "url": "https://www.djangoproject.com/weblog/2025/jan/14/security-releases/"
        }
      ],
      "x_generator": {
        "engine": "enrichogram 0.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2024-56374",
    "datePublished": "2025-01-14T00:00:00.000Z",
    "dateReserved": "2024-12-22T00:00:00.000Z",
    "dateUpdated": "2025-02-12T20:31:20.698Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

RHSA-2025:0777

CVE-2024-53907 (GCVE-0-2024-53907)

CVE-2024-56201 (GCVE-0-2024-56201)

CVE-2024-56326 (GCVE-0-2024-56326)

CVE-2024-56374 (GCVE-0-2024-56374)

Tags

Sightings

Nomenclature