rhsa-2025:0777
Vulnerability from csaf_redhat
Published
2025-01-28 19:20
Modified
2025-04-03 17:25
Summary
Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update
Notes
Topic
An update is now available for Red Hat Ansible Automation Platform 2.5
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.
Security Fix(es):
* automation-controller: Jinja has a sandbox breakout through indirect reference to format method (CVE-2024-56326)
* automation-controller: Jinja has a sandbox breakout through malicious filenames (CVE-2024-56201)
* automation-controller: Django: potential denial-of-service vulnerability in IPv6 validation (CVE-2024-56374)
* python3.11-django: potential denial-of-service vulnerability in IPv6 validation (CVE-2024-56374)
* python3.11-django: Potential denial-of-service in django.utils.html.strip_tags() (CVE-2024-53907)
* python3.11-jinja2: Jinja has a sandbox breakout through indirect reference to format method (CVE-2024-56326)
* python3.11-jinja2: Jinja has a sandbox breakout through malicious filenames (CVE-2024-56201)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updates and fixes included:
Automation controller
* Fixed an issue where the order of source inventories was not respected by the ansible.controller collection (AAP-38524)
* Fixed an issue where an actively running job on an execution node may have had its folder deleted by a system task (AAP-38137)
* automation-controller has been updated to 4.6.7
Event-Driven Ansible:
* Fixed an issue where users were unable to filter Rule Audits by rulebook activation name (AAP-39253)
* Users are now able to create a new Event-Driven Ansible credential by copying an existing one (AAP-39249)
* Added support for file and env injectors for Credentials (AAP-39091)
* Fixed an issue where the input field of the injector configuration could not be empty (AAP-39086)
* Fixed an issue where the application version in the openapi spec was incorrectly set (AAP-38392)
* Fixed an issue where activations were not properly updated in some scenarios with a high load of the system (AAP-38374)
* automation-eda-controller has been updated to 1.1.4
Container-based Ansible Automation Platform
* Allow user to not provide the Postgresql admin account with external database (AAP-39077)
* Using PostgreSQL TLS certificate authentication with an external database is now available (AAP-38400)
* containerized installer setup has been updated to 2.5-9
RPM-based Ansible Automation Platform
* Fixed an issue where gateway could not be setup with custom SSL certificates (AAP-38985)
* Fixed an issue where the gateway services are not restarted when a dependency changes (AAP-38918)
* Fixed an issue where setting automationedacontroller_max_running_activations could cause the installer to fail (AAP-38708)
* ansible-automation-platform-installer and installer setup have been updated to 2.5-8
Additional changes:
* python3.11-django has been updated to 4.2.18
* python3.11-jinja2 has been updated to 3.1.5
* python3.11-pulpcore has been updated to 3.49.30
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat Ansible Automation Platform 2.5\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.\n\nSecurity Fix(es):\n\n* automation-controller: Jinja has a sandbox breakout through indirect reference to format method (CVE-2024-56326)\n* automation-controller: Jinja has a sandbox breakout through malicious filenames (CVE-2024-56201)\n* automation-controller: Django: potential denial-of-service vulnerability in IPv6 validation (CVE-2024-56374)\n* python3.11-django: potential denial-of-service vulnerability in IPv6 validation (CVE-2024-56374)\n* python3.11-django: Potential denial-of-service in django.utils.html.strip_tags() (CVE-2024-53907)\n* python3.11-jinja2: Jinja has a sandbox breakout through indirect reference to format method (CVE-2024-56326)\n* python3.11-jinja2: Jinja has a sandbox breakout through malicious filenames (CVE-2024-56201)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nUpdates and fixes included:\n\nAutomation controller\n* Fixed an issue where the order of source inventories was not respected by the ansible.controller collection (AAP-38524)\n* Fixed an issue where an actively running job on an execution node may have had its folder deleted by a system task (AAP-38137)\n* automation-controller has been updated to 4.6.7\n\nEvent-Driven Ansible:\n* Fixed an issue where users were unable to filter Rule Audits by rulebook activation name (AAP-39253)\n* Users are now able to create a new Event-Driven Ansible credential by copying an existing one (AAP-39249)\n* Added support for file and env injectors for Credentials (AAP-39091)\n* Fixed an issue where the input field of the injector configuration could not be empty (AAP-39086)\n* Fixed an issue where the application version in the openapi spec was incorrectly set (AAP-38392)\n* Fixed an issue where activations were not properly updated in some scenarios with a high load of the system (AAP-38374)\n* automation-eda-controller has been updated to 1.1.4\n\nContainer-based Ansible Automation Platform\n* Allow user to not provide the Postgresql admin account with external database (AAP-39077)\n* Using PostgreSQL TLS certificate authentication with an external database is now available (AAP-38400)\n* containerized installer setup has been updated to 2.5-9\n\nRPM-based Ansible Automation Platform\n* Fixed an issue where gateway could not be setup with custom SSL certificates (AAP-38985)\n* Fixed an issue where the gateway services are not restarted when a dependency changes (AAP-38918)\n* Fixed an issue where setting automationedacontroller_max_running_activations could cause the installer to fail (AAP-38708)\n* ansible-automation-platform-installer and installer setup have been updated to 2.5-8\n\nAdditional changes:\n* python3.11-django has been updated to 4.2.18\n* python3.11-jinja2 has been updated to 3.1.5\n* python3.11-pulpcore has been updated to 3.49.30", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:0777", url: "https://access.redhat.com/errata/RHSA-2025:0777", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2329288", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2329288", }, { category: "external", summary: "2333854", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2333854", }, { category: "external", summary: "2333856", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2333856", }, { category: "external", summary: "2337996", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2337996", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_0777.json", }, ], title: "Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update", tracking: { current_release_date: "2025-04-03T17:25:43+00:00", generator: { date: "2025-04-03T17:25:43+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:0777", initial_release_date: "2025-01-28T19:20:06+00:00", revision_history: [ { date: "2025-01-28T19:20:06+00:00", number: "1", summary: "Initial version", }, { date: "2025-01-28T19:20:06+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-03T17:25:43+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Ansible Automation Platform 2.5 for RHEL 9", product: { name: "Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_automation_platform:2.5::el9", }, }, }, { category: "product_name", name: "Red Hat Ansible Automation Platform 2.5 for RHEL 9", product: { name: "Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9", }, }, }, { category: "product_name", name: "Red Hat Ansible Automation Platform 2.5 for RHEL 9", product: { name: "Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9", }, }, }, { category: "product_name", name: "Red Hat Ansible Automation Platform 2.5 for RHEL 8", product: { name: "Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_automation_platform:2.5::el8", }, }, }, { category: "product_name", name: "Red Hat Ansible Automation Platform 2.5 for RHEL 8", product: { name: "Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8", }, }, }, { category: "product_name", name: "Red Hat Ansible Automation Platform 2.5 for RHEL 8", product: { name: "Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8", }, }, }, ], category: "product_family", name: "Red Hat Ansible Automation Platform", }, { branches: [ { category: "product_version", name: "python3.11-jinja2-0:3.1.5-1.el9ap.src", product: { name: "python3.11-jinja2-0:3.1.5-1.el9ap.src", product_id: "python3.11-jinja2-0:3.1.5-1.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-jinja2@3.1.5-1.el9ap?arch=src", }, }, }, { category: "product_version", name: "python3.11-django-0:4.2.18-1.el9ap.src", product: { name: "python3.11-django-0:4.2.18-1.el9ap.src", product_id: "python3.11-django-0:4.2.18-1.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django@4.2.18-1.el9ap?arch=src", }, }, }, { category: "product_version", name: "python3.11-pulpcore-0:3.49.30-1.el9ap.src", product: { name: "python3.11-pulpcore-0:3.49.30-1.el9ap.src", product_id: "python3.11-pulpcore-0:3.49.30-1.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-pulpcore@3.49.30-1.el9ap?arch=src", }, }, }, { category: "product_version", name: "automation-eda-controller-0:1.1.4-1.el9ap.src", product: { name: "automation-eda-controller-0:1.1.4-1.el9ap.src", product_id: "automation-eda-controller-0:1.1.4-1.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/automation-eda-controller@1.1.4-1.el9ap?arch=src", }, }, }, { category: "product_version", name: "automation-controller-0:4.6.7-1.el9ap.src", product: { name: "automation-controller-0:4.6.7-1.el9ap.src", product_id: "automation-controller-0:4.6.7-1.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller@4.6.7-1.el9ap?arch=src", }, }, }, { category: "product_version", name: "ansible-automation-platform-installer-0:2.5-8.el9ap.src", product: { name: "ansible-automation-platform-installer-0:2.5-8.el9ap.src", product_id: "ansible-automation-platform-installer-0:2.5-8.el9ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-automation-platform-installer@2.5-8.el9ap?arch=src", }, }, }, { category: "product_version", name: "python3.11-jinja2-0:3.1.5-1.el8ap.src", product: { name: "python3.11-jinja2-0:3.1.5-1.el8ap.src", product_id: "python3.11-jinja2-0:3.1.5-1.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-jinja2@3.1.5-1.el8ap?arch=src", }, }, }, { category: "product_version", name: "python3.11-django-0:4.2.18-1.el8ap.src", product: { name: "python3.11-django-0:4.2.18-1.el8ap.src", product_id: "python3.11-django-0:4.2.18-1.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django@4.2.18-1.el8ap?arch=src", }, }, }, { category: "product_version", name: "python3.11-pulpcore-0:3.49.30-1.el8ap.src", product: { name: "python3.11-pulpcore-0:3.49.30-1.el8ap.src", product_id: "python3.11-pulpcore-0:3.49.30-1.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-pulpcore@3.49.30-1.el8ap?arch=src", }, }, }, { category: "product_version", name: "automation-eda-controller-0:1.1.4-1.el8ap.src", product: { name: "automation-eda-controller-0:1.1.4-1.el8ap.src", product_id: "automation-eda-controller-0:1.1.4-1.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/automation-eda-controller@1.1.4-1.el8ap?arch=src", }, }, }, { category: "product_version", name: "automation-controller-0:4.6.7-1.el8ap.src", product: { name: "automation-controller-0:4.6.7-1.el8ap.src", product_id: "automation-controller-0:4.6.7-1.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller@4.6.7-1.el8ap?arch=src", }, }, }, { category: "product_version", name: "ansible-automation-platform-installer-0:2.5-8.el8ap.src", product: { name: "ansible-automation-platform-installer-0:2.5-8.el8ap.src", product_id: "ansible-automation-platform-installer-0:2.5-8.el8ap.src", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-automation-platform-installer@2.5-8.el8ap?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "python3.11-jinja2-0:3.1.5-1.el9ap.noarch", product: { name: "python3.11-jinja2-0:3.1.5-1.el9ap.noarch", product_id: "python3.11-jinja2-0:3.1.5-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-jinja2@3.1.5-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-django-0:4.2.18-1.el9ap.noarch", product: { name: "python3.11-django-0:4.2.18-1.el9ap.noarch", product_id: "python3.11-django-0:4.2.18-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django@4.2.18-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-pulpcore-0:3.49.30-1.el9ap.noarch", product: { name: "python3.11-pulpcore-0:3.49.30-1.el9ap.noarch", product_id: "python3.11-pulpcore-0:3.49.30-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-pulpcore@3.49.30-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-eda-controller-0:1.1.4-1.el9ap.noarch", product: { name: "automation-eda-controller-0:1.1.4-1.el9ap.noarch", product_id: "automation-eda-controller-0:1.1.4-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-eda-controller@1.1.4-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-eda-controller-base-0:1.1.4-1.el9ap.noarch", product: { name: "automation-eda-controller-base-0:1.1.4-1.el9ap.noarch", product_id: "automation-eda-controller-base-0:1.1.4-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-eda-controller-base@1.1.4-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch", product: { name: "automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch", product_id: "automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-eda-controller-base-services@1.1.4-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch", product: { name: "automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch", product_id: "automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-eda-controller-event-stream-services@1.1.4-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch", product: { name: "automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch", product_id: "automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-eda-controller-worker-services@1.1.4-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-controller-cli-0:4.6.7-1.el9ap.noarch", product: { name: "automation-controller-cli-0:4.6.7-1.el9ap.noarch", product_id: "automation-controller-cli-0:4.6.7-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-cli@4.6.7-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-controller-server-0:4.6.7-1.el9ap.noarch", product: { name: "automation-controller-server-0:4.6.7-1.el9ap.noarch", product_id: "automation-controller-server-0:4.6.7-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-server@4.6.7-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-controller-ui-0:4.6.7-1.el9ap.noarch", product: { name: "automation-controller-ui-0:4.6.7-1.el9ap.noarch", product_id: "automation-controller-ui-0:4.6.7-1.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-ui@4.6.7-1.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "ansible-automation-platform-installer-0:2.5-8.el9ap.noarch", product: { name: "ansible-automation-platform-installer-0:2.5-8.el9ap.noarch", product_id: "ansible-automation-platform-installer-0:2.5-8.el9ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-automation-platform-installer@2.5-8.el9ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-jinja2-0:3.1.5-1.el8ap.noarch", product: { name: "python3.11-jinja2-0:3.1.5-1.el8ap.noarch", product_id: "python3.11-jinja2-0:3.1.5-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-jinja2@3.1.5-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-django-0:4.2.18-1.el8ap.noarch", product: { name: "python3.11-django-0:4.2.18-1.el8ap.noarch", product_id: "python3.11-django-0:4.2.18-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-django@4.2.18-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "python3.11-pulpcore-0:3.49.30-1.el8ap.noarch", product: { name: "python3.11-pulpcore-0:3.49.30-1.el8ap.noarch", product_id: "python3.11-pulpcore-0:3.49.30-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/python3.11-pulpcore@3.49.30-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-eda-controller-0:1.1.4-1.el8ap.noarch", product: { name: "automation-eda-controller-0:1.1.4-1.el8ap.noarch", product_id: "automation-eda-controller-0:1.1.4-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-eda-controller@1.1.4-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-eda-controller-base-0:1.1.4-1.el8ap.noarch", product: { name: "automation-eda-controller-base-0:1.1.4-1.el8ap.noarch", product_id: "automation-eda-controller-base-0:1.1.4-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-eda-controller-base@1.1.4-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch", product: { name: "automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch", product_id: "automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-eda-controller-base-services@1.1.4-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch", product: { name: "automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch", product_id: "automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-eda-controller-event-stream-services@1.1.4-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch", product: { name: "automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch", product_id: "automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-eda-controller-worker-services@1.1.4-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-controller-cli-0:4.6.7-1.el8ap.noarch", product: { name: "automation-controller-cli-0:4.6.7-1.el8ap.noarch", product_id: "automation-controller-cli-0:4.6.7-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-cli@4.6.7-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-controller-server-0:4.6.7-1.el8ap.noarch", product: { name: "automation-controller-server-0:4.6.7-1.el8ap.noarch", product_id: "automation-controller-server-0:4.6.7-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-server@4.6.7-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "automation-controller-ui-0:4.6.7-1.el8ap.noarch", product: { name: "automation-controller-ui-0:4.6.7-1.el8ap.noarch", product_id: "automation-controller-ui-0:4.6.7-1.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-ui@4.6.7-1.el8ap?arch=noarch", }, }, }, { category: "product_version", name: "ansible-automation-platform-installer-0:2.5-8.el8ap.noarch", product: { name: "ansible-automation-platform-installer-0:2.5-8.el8ap.noarch", product_id: "ansible-automation-platform-installer-0:2.5-8.el8ap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/ansible-automation-platform-installer@2.5-8.el8ap?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "automation-controller-0:4.6.7-1.el9ap.x86_64", product: { name: "automation-controller-0:4.6.7-1.el9ap.x86_64", product_id: "automation-controller-0:4.6.7-1.el9ap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller@4.6.7-1.el9ap?arch=x86_64", }, }, }, { category: "product_version", name: "automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", product: { name: "automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", product_id: "automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-venv-tower@4.6.7-1.el9ap?arch=x86_64", }, }, }, { category: "product_version", name: "automation-controller-0:4.6.7-1.el8ap.x86_64", product: { name: "automation-controller-0:4.6.7-1.el8ap.x86_64", product_id: "automation-controller-0:4.6.7-1.el8ap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller@4.6.7-1.el8ap?arch=x86_64", }, }, }, { category: "product_version", name: "automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", product: { name: "automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", product_id: "automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-venv-tower@4.6.7-1.el8ap?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "automation-controller-0:4.6.7-1.el9ap.ppc64le", product: { name: "automation-controller-0:4.6.7-1.el9ap.ppc64le", product_id: "automation-controller-0:4.6.7-1.el9ap.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller@4.6.7-1.el9ap?arch=ppc64le", }, }, }, { category: "product_version", name: "automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", product: { name: "automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", product_id: "automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-venv-tower@4.6.7-1.el9ap?arch=ppc64le", }, }, }, { category: "product_version", name: "automation-controller-0:4.6.7-1.el8ap.ppc64le", product: { name: "automation-controller-0:4.6.7-1.el8ap.ppc64le", product_id: "automation-controller-0:4.6.7-1.el8ap.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller@4.6.7-1.el8ap?arch=ppc64le", }, }, }, { category: "product_version", name: "automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", product: { name: "automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", product_id: "automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-venv-tower@4.6.7-1.el8ap?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "automation-controller-0:4.6.7-1.el9ap.s390x", product: { name: "automation-controller-0:4.6.7-1.el9ap.s390x", product_id: "automation-controller-0:4.6.7-1.el9ap.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller@4.6.7-1.el9ap?arch=s390x", }, }, }, { category: "product_version", name: "automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", product: { name: "automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", product_id: "automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-venv-tower@4.6.7-1.el9ap?arch=s390x", }, }, }, { category: "product_version", name: "automation-controller-0:4.6.7-1.el8ap.s390x", product: { name: "automation-controller-0:4.6.7-1.el8ap.s390x", product_id: "automation-controller-0:4.6.7-1.el8ap.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller@4.6.7-1.el8ap?arch=s390x", }, }, }, { category: "product_version", name: "automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", product: { name: "automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", product_id: "automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-venv-tower@4.6.7-1.el8ap?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "automation-controller-0:4.6.7-1.el9ap.aarch64", product: { name: "automation-controller-0:4.6.7-1.el9ap.aarch64", product_id: "automation-controller-0:4.6.7-1.el9ap.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller@4.6.7-1.el9ap?arch=aarch64", }, }, }, { category: "product_version", name: "automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", product: { name: "automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", product_id: "automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-venv-tower@4.6.7-1.el9ap?arch=aarch64", }, }, }, { category: "product_version", name: "automation-controller-0:4.6.7-1.el8ap.aarch64", product: { name: "automation-controller-0:4.6.7-1.el8ap.aarch64", product_id: "automation-controller-0:4.6.7-1.el8ap.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller@4.6.7-1.el8ap?arch=aarch64", }, }, }, { category: "product_version", name: "automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", product: { name: "automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", product_id: "automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/automation-controller-venv-tower@4.6.7-1.el8ap?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.7-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64", }, product_reference: "automation-controller-0:4.6.7-1.el8ap.aarch64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.7-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le", }, product_reference: "automation-controller-0:4.6.7-1.el8ap.ppc64le", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.7-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x", }, product_reference: "automation-controller-0:4.6.7-1.el8ap.s390x", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.7-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src", }, product_reference: "automation-controller-0:4.6.7-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.7-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64", }, product_reference: "automation-controller-0:4.6.7-1.el8ap.x86_64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-cli-0:4.6.7-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch", }, product_reference: "automation-controller-cli-0:4.6.7-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-server-0:4.6.7-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch", }, product_reference: "automation-controller-server-0:4.6.7-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-ui-0:4.6.7-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch", }, product_reference: "automation-controller-ui-0:4.6.7-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", }, product_reference: "automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", }, product_reference: "automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", }, product_reference: "automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", }, product_reference: "automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-0:4.2.18-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch", }, product_reference: "python3.11-django-0:4.2.18-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-0:4.2.18-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src", }, product_reference: "python3.11-django-0:4.2.18-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-jinja2-0:3.1.5-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", }, product_reference: "python3.11-jinja2-0:3.1.5-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-jinja2-0:3.1.5-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src", }, product_reference: "python3.11-jinja2-0:3.1.5-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-jinja2-0:3.1.5-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", }, product_reference: "python3.11-jinja2-0:3.1.5-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "python3.11-jinja2-0:3.1.5-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src", }, product_reference: "python3.11-jinja2-0:3.1.5-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "ansible-automation-platform-installer-0:2.5-8.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch", }, product_reference: "ansible-automation-platform-installer-0:2.5-8.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-automation-platform-installer-0:2.5-8.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src", }, product_reference: "ansible-automation-platform-installer-0:2.5-8.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.7-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64", }, product_reference: "automation-controller-0:4.6.7-1.el8ap.aarch64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.7-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le", }, product_reference: "automation-controller-0:4.6.7-1.el8ap.ppc64le", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.7-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x", }, product_reference: "automation-controller-0:4.6.7-1.el8ap.s390x", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.7-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src", }, product_reference: "automation-controller-0:4.6.7-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.7-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64", }, product_reference: "automation-controller-0:4.6.7-1.el8ap.x86_64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-cli-0:4.6.7-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch", }, product_reference: "automation-controller-cli-0:4.6.7-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-server-0:4.6.7-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch", }, product_reference: "automation-controller-server-0:4.6.7-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-ui-0:4.6.7-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch", }, product_reference: "automation-controller-ui-0:4.6.7-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", }, product_reference: "automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", }, product_reference: "automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", }, product_reference: "automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", }, product_reference: "automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-eda-controller-0:1.1.4-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch", }, product_reference: "automation-eda-controller-0:1.1.4-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-eda-controller-0:1.1.4-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src", }, product_reference: "automation-eda-controller-0:1.1.4-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-eda-controller-base-0:1.1.4-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch", }, product_reference: "automation-eda-controller-base-0:1.1.4-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch", }, product_reference: "automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch", }, product_reference: "automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch", }, product_reference: "automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-0:4.2.18-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch", }, product_reference: "python3.11-django-0:4.2.18-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-0:4.2.18-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src", }, product_reference: "python3.11-django-0:4.2.18-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-jinja2-0:3.1.5-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", }, product_reference: "python3.11-jinja2-0:3.1.5-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-jinja2-0:3.1.5-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src", }, product_reference: "python3.11-jinja2-0:3.1.5-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-pulpcore-0:3.49.30-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch", }, product_reference: "python3.11-pulpcore-0:3.49.30-1.el8ap.noarch", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-pulpcore-0:3.49.30-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 8", product_id: "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src", }, product_reference: "python3.11-pulpcore-0:3.49.30-1.el8ap.src", relates_to_product_reference: "8Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.7-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64", }, product_reference: "automation-controller-0:4.6.7-1.el9ap.aarch64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.7-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le", }, product_reference: "automation-controller-0:4.6.7-1.el9ap.ppc64le", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.7-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x", }, product_reference: "automation-controller-0:4.6.7-1.el9ap.s390x", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.7-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src", }, product_reference: "automation-controller-0:4.6.7-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.7-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64", }, product_reference: "automation-controller-0:4.6.7-1.el9ap.x86_64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-cli-0:4.6.7-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch", }, product_reference: "automation-controller-cli-0:4.6.7-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-server-0:4.6.7-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch", }, product_reference: "automation-controller-server-0:4.6.7-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-ui-0:4.6.7-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch", }, product_reference: "automation-controller-ui-0:4.6.7-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", }, product_reference: "automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", }, product_reference: "automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", }, product_reference: "automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", }, product_reference: "automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-0:4.2.18-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch", }, product_reference: "python3.11-django-0:4.2.18-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-0:4.2.18-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src", }, product_reference: "python3.11-django-0:4.2.18-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-jinja2-0:3.1.5-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", }, product_reference: "python3.11-jinja2-0:3.1.5-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-jinja2-0:3.1.5-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src", }, product_reference: "python3.11-jinja2-0:3.1.5-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Developer-1.2", }, { category: "default_component_of", full_product_name: { name: "python3.11-jinja2-0:3.1.5-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", }, product_reference: "python3.11-jinja2-0:3.1.5-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "python3.11-jinja2-0:3.1.5-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src", }, product_reference: "python3.11-jinja2-0:3.1.5-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5-Inside-1.3", }, { category: "default_component_of", full_product_name: { name: "ansible-automation-platform-installer-0:2.5-8.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch", }, product_reference: "ansible-automation-platform-installer-0:2.5-8.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "ansible-automation-platform-installer-0:2.5-8.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src", }, product_reference: "ansible-automation-platform-installer-0:2.5-8.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.7-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64", }, product_reference: "automation-controller-0:4.6.7-1.el9ap.aarch64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.7-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le", }, product_reference: "automation-controller-0:4.6.7-1.el9ap.ppc64le", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.7-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x", }, product_reference: "automation-controller-0:4.6.7-1.el9ap.s390x", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.7-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src", }, product_reference: "automation-controller-0:4.6.7-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-0:4.6.7-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64", }, product_reference: "automation-controller-0:4.6.7-1.el9ap.x86_64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-cli-0:4.6.7-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch", }, product_reference: "automation-controller-cli-0:4.6.7-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-server-0:4.6.7-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch", }, product_reference: "automation-controller-server-0:4.6.7-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-ui-0:4.6.7-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch", }, product_reference: "automation-controller-ui-0:4.6.7-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", }, product_reference: "automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", }, product_reference: "automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", }, product_reference: "automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", }, product_reference: "automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-eda-controller-0:1.1.4-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch", }, product_reference: "automation-eda-controller-0:1.1.4-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-eda-controller-0:1.1.4-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src", }, product_reference: "automation-eda-controller-0:1.1.4-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-eda-controller-base-0:1.1.4-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch", }, product_reference: "automation-eda-controller-base-0:1.1.4-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch", }, product_reference: "automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch", }, product_reference: "automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch", }, product_reference: "automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-0:4.2.18-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch", }, product_reference: "python3.11-django-0:4.2.18-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-django-0:4.2.18-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src", }, product_reference: "python3.11-django-0:4.2.18-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-jinja2-0:3.1.5-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", }, product_reference: "python3.11-jinja2-0:3.1.5-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-jinja2-0:3.1.5-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src", }, product_reference: "python3.11-jinja2-0:3.1.5-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-pulpcore-0:3.49.30-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch", }, product_reference: "python3.11-pulpcore-0:3.49.30-1.el9ap.noarch", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, { category: "default_component_of", full_product_name: { name: "python3.11-pulpcore-0:3.49.30-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.5 for RHEL 9", product_id: "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src", }, product_reference: "python3.11-pulpcore-0:3.49.30-1.el9ap.src", relates_to_product_reference: "9Base-Ansible-Automation-Platform-2.5", }, ], }, vulnerabilities: [ { cve: "CVE-2024-53907", cwe: { id: "CWE-1169", name: "CWE-1169", }, discovery_date: "2024-11-28T02:48:36.215000+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2329288", }, ], notes: [ { category: "description", text: "A vulnerability was found in the Django Web Framework. The strip_tags() and stripbtags template filter may be vulnerable to a potential denial of service (DoS) in cases of a large sequence of nested incomplete HTML entities.", title: "Vulnerability description", }, { category: "summary", text: "django: Potential denial-of-service in django.utils.html.strip_tags()", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated as a Moderate severity because it exposes the strip_tags() method and striptags template filter to a potential denial-of-service attack, malicious input containing large sequences of nested incomplete HTML entities could cause excessive processing, but it does not affect data confidentiality or integrity", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src", ], known_not_affected: [ "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-53907", }, { category: "external", summary: "RHBZ#2329288", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2329288", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-53907", url: "https://www.cve.org/CVERecord?id=CVE-2024-53907", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-53907", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-53907", }, { category: "external", summary: "https://www.djangoproject.com/weblog/2024/dec/04/security-releases/", url: "https://www.djangoproject.com/weblog/2024/dec/04/security-releases/", }, ], release_date: "2024-12-04T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-01-28T19:20:06+00:00", details: "Red Hat Ansible Automation Platform", product_ids: [ "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:0777", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "django: Potential denial-of-service in django.utils.html.strip_tags()", }, { cve: "CVE-2024-56201", cwe: { id: "CWE-150", name: "Improper Neutralization of Escape, Meta, or Control Sequences", }, discovery_date: "2024-12-23T16:00:38.768252+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2333854", }, ], notes: [ { category: "description", text: "A flaw was found in the Jinja2 package. A bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of Jinja's sandbox being used. An attacker needs to be able to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications that execute untrusted templates where the template author can also choose the template filename.", title: "Vulnerability description", }, { category: "summary", text: "jinja2: Jinja has a sandbox breakout through malicious filenames", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability has rated as a IMPORTANT flaw because an attacker controlling both the template content and filename to execute arbitrary Python code, bypassing the sandbox.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src", ], known_not_affected: [ "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-56201", }, { category: "external", summary: "RHBZ#2333854", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2333854", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-56201", url: "https://www.cve.org/CVERecord?id=CVE-2024-56201", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-56201", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-56201", }, { category: "external", summary: "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f", url: "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f", }, { category: "external", summary: "https://github.com/pallets/jinja/issues/1792", url: "https://github.com/pallets/jinja/issues/1792", }, { category: "external", summary: "https://github.com/pallets/jinja/releases/tag/3.1.5", url: "https://github.com/pallets/jinja/releases/tag/3.1.5", }, { category: "external", summary: "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699", url: "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699", }, ], release_date: "2024-12-23T15:37:36.110000+00:00", remediations: [ { category: "vendor_fix", date: "2025-01-28T19:20:06+00:00", details: "Red Hat Ansible Automation Platform", product_ids: [ "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:0777", }, { category: "workaround", details: "To mitigate this vulnerabilty restrict user-controlled template filenames, ensuring they follow a predefined templates.", product_ids: [ "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jinja2: Jinja has a sandbox breakout through malicious filenames", }, { cve: "CVE-2024-56326", cwe: { id: "CWE-693", name: "Protection Mechanism Failure", }, discovery_date: "2024-12-23T16:00:46.619763+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2333856", }, ], notes: [ { category: "description", text: "A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications that execute untrusted templates. Jinja's sandbox does catch calls to str.format and ensures they don't escape the sandbox. However, storing a reference to a malicious string's format method is possible, then passing that to a filter that calls it. No such filters are built into Jinja but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox.", title: "Vulnerability description", }, { category: "summary", text: "jinja2: Jinja has a sandbox breakout through indirect reference to format method", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is rated as Moderate due to an oversight in Jinja's sandbox environment, allowing attackers to execute arbitrary Python code through controlled template content. This requires control over template content, making exploitation possible only in specific applications, thus limiting its overall impact.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src", ], known_not_affected: [ "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-56326", }, { category: "external", summary: "RHBZ#2333856", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2333856", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-56326", url: "https://www.cve.org/CVERecord?id=CVE-2024-56326", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-56326", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-56326", }, { category: "external", summary: "https://github.com/pallets/jinja/commit/48b0687e05a5466a91cd5812d604fa37ad0943b4", url: "https://github.com/pallets/jinja/commit/48b0687e05a5466a91cd5812d604fa37ad0943b4", }, { category: "external", summary: "https://github.com/pallets/jinja/releases/tag/3.1.5", url: "https://github.com/pallets/jinja/releases/tag/3.1.5", }, { category: "external", summary: "https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h", url: "https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h", }, ], release_date: "2024-12-23T15:43:49.400000+00:00", remediations: [ { category: "vendor_fix", date: "2025-01-28T19:20:06+00:00", details: "Red Hat Ansible Automation Platform", product_ids: [ "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:0777", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jinja2: Jinja has a sandbox breakout through indirect reference to format method", }, { cve: "CVE-2024-56374", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2025-01-14T20:01:09.167282+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2337996", }, ], notes: [ { category: "description", text: "A flaw was found in the Django framework. Lack of upper bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial of service attack. The undocumented and private functions `clean_ipv6_address` and `is_valid_ipv6_address` were vulnerable, as was the `django.forms.GenericIPAddressField` form field, which has now been updated to define a `max_length` of 39 characters.", title: "Vulnerability description", }, { category: "summary", text: "django: potential denial-of-service vulnerability in IPv6 validation", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src", ], known_not_affected: [ "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-56374", }, { category: "external", summary: "RHBZ#2337996", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2337996", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-56374", url: "https://www.cve.org/CVERecord?id=CVE-2024-56374", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-56374", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-56374", }, { category: "external", summary: "http://www.openwall.com/lists/oss-security/2025/01/14/2", url: "http://www.openwall.com/lists/oss-security/2025/01/14/2", }, { category: "external", summary: "https://docs.djangoproject.com/en/dev/releases/security/", url: "https://docs.djangoproject.com/en/dev/releases/security/", }, { category: "external", summary: "https://groups.google.com/g/django-announce", url: "https://groups.google.com/g/django-announce", }, { category: "external", summary: "https://www.djangoproject.com/weblog/2025/jan/14/security-releases/", url: "https://www.djangoproject.com/weblog/2025/jan/14/security-releases/", }, ], release_date: "2025-01-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-01-28T19:20:06+00:00", details: "Red Hat Ansible Automation Platform", product_ids: [ "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:0777", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", version: "3.1", }, products: [ "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.aarch64", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.ppc64le", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.s390x", "8Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el8ap.x86_64", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el8ap.src", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.noarch", "8Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el8ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-django-0:4.2.18-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Developer-1.2:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5-Inside-1.3:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:ansible-automation-platform-installer-0:2.5-8.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-controller-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-cli-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-server-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-ui-0:4.6.7-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.aarch64", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.ppc64le", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.s390x", "9Base-Ansible-Automation-Platform-2.5:automation-controller-venv-tower-0:4.6.7-1.el9ap.x86_64", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-0:1.1.4-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-base-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-event-stream-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:automation-eda-controller-worker-services-0:1.1.4-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-django-0:4.2.18-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-jinja2-0:3.1.5-1.el9ap.src", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.noarch", "9Base-Ansible-Automation-Platform-2.5:python3.11-pulpcore-0:3.49.30-1.el9ap.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "django: potential denial-of-service vulnerability in IPv6 validation", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.