Vulnerability-Lookup

CVE-2024-21503 (GCVE-0-2024-21503)

Vulnerability from cvelistv5 – Published: 2024-03-19 05:00 – Updated: 2024-08-01 22:20

Summary

Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of service. Exploiting this vulnerability is possible when running Black on untrusted input, or if you habitually put thousands of leading tab characters in your docstrings.

Severity

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P

SSVC

Exploitation: poc Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-1333 - Regular Expression Denial of Service (ReDoS)
CWE-75 - Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)

Assigner

snyk

References

3 references

URL	Tags
https://security.snyk.io/vuln/SNYK-PYTHON-BLACK-6256273
https://github.com/psf/black/releases/tag/24.3.0
https://github.com/psf/black/commit/f00093672628d…

Impacted products

2 products

Vendor	Product	Version
n/a	black	Affected: 0 , < 24.3.0 (semver)
python_software_foundation	black	Affected: 0 , < 24.3.0 (custom) cpe:2.3:a:python_software_foundation:black::::::::

Credits

Sajeeb Lohani

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:python_software_foundation:black:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "black",
            "vendor": "python_software_foundation",
            "versions": [
              {
                "lessThan": "24.3.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-21503",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-19T13:35:33.402362Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-75",
                "description": "CWE-75 Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-20T21:14:49.619Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:20:40.916Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.snyk.io/vuln/SNYK-PYTHON-BLACK-6256273"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/psf/black/releases/tag/24.3.0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/psf/black/commit/f00093672628d212b8965a8993cee8bedf5fe9b8"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "black",
          "vendor": "n/a",
          "versions": [
            {
              "lessThan": "24.3.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Sajeeb Lohani"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of service.\r\rExploiting this vulnerability is possible when running Black on untrusted input, or if you habitually put thousands of leading tab characters in your docstrings."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1333",
              "description": "Regular Expression Denial of Service (ReDoS)",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-19T05:00:01.474Z",
        "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
        "shortName": "snyk"
      },
      "references": [
        {
          "url": "https://security.snyk.io/vuln/SNYK-PYTHON-BLACK-6256273"
        },
        {
          "url": "https://github.com/psf/black/releases/tag/24.3.0"
        },
        {
          "url": "https://github.com/psf/black/commit/f00093672628d212b8965a8993cee8bedf5fe9b8"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
    "assignerShortName": "snyk",
    "cveId": "CVE-2024-21503",
    "datePublished": "2024-03-19T05:00:01.474Z",
    "dateReserved": "2023-12-22T12:33:20.119Z",
    "dateUpdated": "2024-08-01T22:20:40.916Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2024-21503",
      "date": "2026-06-02",
      "epss": "0.00081",
      "percentile": "0.23919"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-21503\",\"sourceIdentifier\":\"report@snyk.io\",\"published\":\"2024-03-19T05:15:09.447\",\"lastModified\":\"2024-11-21T08:54:34.260\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of service.\\r\\rExploiting this vulnerability is possible when running Black on untrusted input, or if you habitually put thousands of leading tab characters in your docstrings.\"},{\"lang\":\"es\",\"value\":\"Las versiones del paquete black anteriores a la 24.3.0 son vulnerables a la denegaci\u00f3n de servicio de expresi\u00f3n regular (ReDoS) a trav\u00e9s de la funci\u00f3nlines_with_leading_tabs_expanded en el archivo strings.py. Un atacante podr\u00eda aprovechar esta vulnerabilidad creando una entrada maliciosa que provoque una denegaci\u00f3n de servicio. Es posible explotar esta vulnerabilidad cuando se ejecuta Black en entradas que no son de confianza o si habitualmente coloca miles de caracteres de tabulaci\u00f3n iniciales en sus cadenas de documentaci\u00f3n.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"report@snyk.io\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"report@snyk.io\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1333\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-75\"}]}],\"references\":[{\"url\":\"https://github.com/psf/black/commit/f00093672628d212b8965a8993cee8bedf5fe9b8\",\"source\":\"report@snyk.io\"},{\"url\":\"https://github.com/psf/black/releases/tag/24.3.0\",\"source\":\"report@snyk.io\"},{\"url\":\"https://security.snyk.io/vuln/SNYK-PYTHON-BLACK-6256273\",\"source\":\"report@snyk.io\"},{\"url\":\"https://github.com/psf/black/commit/f00093672628d212b8965a8993cee8bedf5fe9b8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/psf/black/releases/tag/24.3.0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.snyk.io/vuln/SNYK-PYTHON-BLACK-6256273\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-21503\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-03-19T13:35:33.402362Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:python_software_foundation:black:*:*:*:*:*:*:*:*\"], \"vendor\": \"python_software_foundation\", \"product\": \"black\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"24.3.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-75\", \"description\": \"CWE-75 Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-06-20T21:12:06.671Z\"}}], \"cna\": {\"credits\": [{\"lang\": \"en\", \"value\": \"Sajeeb Lohani\"}], \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"n/a\", \"product\": \"black\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"24.3.0\", \"versionType\": \"semver\"}]}], \"references\": [{\"url\": \"https://security.snyk.io/vuln/SNYK-PYTHON-BLACK-6256273\"}, {\"url\": \"https://github.com/psf/black/releases/tag/24.3.0\"}, {\"url\": \"https://github.com/psf/black/commit/f00093672628d212b8965a8993cee8bedf5fe9b8\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of service.\\r\\rExploiting this vulnerability is possible when running Black on untrusted input, or if you habitually put thousands of leading tab characters in your docstrings.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"cweId\": \"CWE-1333\", \"description\": \"Regular Expression Denial of Service (ReDoS)\"}]}], \"providerMetadata\": {\"orgId\": \"bae035ff-b466-4ff4-94d0-fc9efd9e1730\", \"shortName\": \"snyk\", \"dateUpdated\": \"2024-03-19T05:00:01.474Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-21503\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-06-20T21:14:49.619Z\", \"dateReserved\": \"2023-12-22T12:33:20.119Z\", \"assignerOrgId\": \"bae035ff-b466-4ff4-94d0-fc9efd9e1730\", \"datePublished\": \"2024-03-19T05:00:01.474Z\", \"assignerShortName\": \"snyk\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

WID-SEC-W-2024-1328

Vulnerability from csaf_certbund - Published: 2024-06-10 22:00 - Updated: 2025-10-19 22:00

Summary

Red Hat Ansible Automation Platform: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Red Hat Ansible Automation Platform ist eine End-to-End-Automatisierungsplattform für die Systemkonfiguration, die Softwarebereitstellung und die Orchestrierung erweiterter Workflows.

Angriff: Ein Angreifer kann mehrere Schwachstellen in Red Hat Ansible Automation Platform ausnutzen, um beliebigen Programmcode auszuführen, einen Denial-of-Service-Zustand erzeugen, vertrauliche Informationen offenzulegen, Sicherheitsmaßnahmen zu umgehen, Dateien zu manipulieren oder Cross-Site-Scripting (XSS)-Angriffe durchzuführen.

Betroffene Betriebssysteme: - Sonstiges - UNIX

CVE-2023-45288

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Ansible Automation Platform <2.4 Red Hat / Ansible Automation Platform		<2.4
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Red Hat Satellite 6.15 Red Hat / Satellite	`cpe:/a:redhat:satellite:6.15`	6.15
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Dell PowerProtect Data Domain <8.4.0.0 Dell / PowerProtect Data Domain		<8.4.0.0
Dell PowerProtect Data Domain <7.13.1.40 Dell / PowerProtect Data Domain		<7.13.1.40
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat Enterprise Linux Update Infrastructure 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:update_infrastructure_4`	Update Infrastructure 4
Dell PowerProtect Data Domain <7.10.1.70 Dell / PowerProtect Data Domain		<7.10.1.70
Dell PowerProtect Data Domain <8.3.1.10 Dell / PowerProtect Data Domain		<8.3.1.10

CVE-2023-45290

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Ansible Automation Platform <2.4 Red Hat / Ansible Automation Platform		<2.4
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Red Hat Satellite 6.15 Red Hat / Satellite	`cpe:/a:redhat:satellite:6.15`	6.15
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Dell PowerProtect Data Domain <8.4.0.0 Dell / PowerProtect Data Domain		<8.4.0.0
Dell PowerProtect Data Domain <7.13.1.40 Dell / PowerProtect Data Domain		<7.13.1.40
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat Enterprise Linux Update Infrastructure 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:update_infrastructure_4`	Update Infrastructure 4
Dell PowerProtect Data Domain <7.10.1.70 Dell / PowerProtect Data Domain		<7.10.1.70
Dell PowerProtect Data Domain <8.3.1.10 Dell / PowerProtect Data Domain		<8.3.1.10

CVE-2023-49083

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Ansible Automation Platform <2.4 Red Hat / Ansible Automation Platform		<2.4
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Red Hat Satellite 6.15 Red Hat / Satellite	`cpe:/a:redhat:satellite:6.15`	6.15
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Dell PowerProtect Data Domain <8.4.0.0 Dell / PowerProtect Data Domain		<8.4.0.0
Dell PowerProtect Data Domain <7.13.1.40 Dell / PowerProtect Data Domain		<7.13.1.40
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat Enterprise Linux Update Infrastructure 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:update_infrastructure_4`	Update Infrastructure 4
Dell PowerProtect Data Domain <7.10.1.70 Dell / PowerProtect Data Domain		<7.10.1.70
Dell PowerProtect Data Domain <8.3.1.10 Dell / PowerProtect Data Domain		<8.3.1.10

CVE-2023-50447

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Ansible Automation Platform <2.4 Red Hat / Ansible Automation Platform		<2.4
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Red Hat Satellite 6.15 Red Hat / Satellite	`cpe:/a:redhat:satellite:6.15`	6.15
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Dell PowerProtect Data Domain <8.4.0.0 Dell / PowerProtect Data Domain		<8.4.0.0
Dell PowerProtect Data Domain <7.13.1.40 Dell / PowerProtect Data Domain		<7.13.1.40
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat Enterprise Linux Update Infrastructure 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:update_infrastructure_4`	Update Infrastructure 4
Dell PowerProtect Data Domain <7.10.1.70 Dell / PowerProtect Data Domain		<7.10.1.70
Dell PowerProtect Data Domain <8.3.1.10 Dell / PowerProtect Data Domain		<8.3.1.10

CVE-2023-5752

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Ansible Automation Platform <2.4 Red Hat / Ansible Automation Platform		<2.4
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Red Hat Satellite 6.15 Red Hat / Satellite	`cpe:/a:redhat:satellite:6.15`	6.15
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Dell PowerProtect Data Domain <8.4.0.0 Dell / PowerProtect Data Domain		<8.4.0.0
Dell PowerProtect Data Domain <7.13.1.40 Dell / PowerProtect Data Domain		<7.13.1.40
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat Enterprise Linux Update Infrastructure 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:update_infrastructure_4`	Update Infrastructure 4
Dell PowerProtect Data Domain <7.10.1.70 Dell / PowerProtect Data Domain		<7.10.1.70
Dell PowerProtect Data Domain <8.3.1.10 Dell / PowerProtect Data Domain		<8.3.1.10

CVE-2024-1135

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Ansible Automation Platform <2.4 Red Hat / Ansible Automation Platform		<2.4
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Red Hat Satellite 6.15 Red Hat / Satellite	`cpe:/a:redhat:satellite:6.15`	6.15
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Dell PowerProtect Data Domain <8.4.0.0 Dell / PowerProtect Data Domain		<8.4.0.0
Dell PowerProtect Data Domain <7.13.1.40 Dell / PowerProtect Data Domain		<7.13.1.40
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat Enterprise Linux Update Infrastructure 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:update_infrastructure_4`	Update Infrastructure 4
Dell PowerProtect Data Domain <7.10.1.70 Dell / PowerProtect Data Domain		<7.10.1.70
Dell PowerProtect Data Domain <8.3.1.10 Dell / PowerProtect Data Domain		<8.3.1.10

CVE-2024-21503

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Ansible Automation Platform <2.4 Red Hat / Ansible Automation Platform		<2.4
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Red Hat Satellite 6.15 Red Hat / Satellite	`cpe:/a:redhat:satellite:6.15`	6.15
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Dell PowerProtect Data Domain <8.4.0.0 Dell / PowerProtect Data Domain		<8.4.0.0
Dell PowerProtect Data Domain <7.13.1.40 Dell / PowerProtect Data Domain		<7.13.1.40
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat Enterprise Linux Update Infrastructure 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:update_infrastructure_4`	Update Infrastructure 4
Dell PowerProtect Data Domain <7.10.1.70 Dell / PowerProtect Data Domain		<7.10.1.70
Dell PowerProtect Data Domain <8.3.1.10 Dell / PowerProtect Data Domain		<8.3.1.10

CVE-2024-24783

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Ansible Automation Platform <2.4 Red Hat / Ansible Automation Platform		<2.4
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Red Hat Satellite 6.15 Red Hat / Satellite	`cpe:/a:redhat:satellite:6.15`	6.15
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Dell PowerProtect Data Domain <8.4.0.0 Dell / PowerProtect Data Domain		<8.4.0.0
Dell PowerProtect Data Domain <7.13.1.40 Dell / PowerProtect Data Domain		<7.13.1.40
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat Enterprise Linux Update Infrastructure 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:update_infrastructure_4`	Update Infrastructure 4
Dell PowerProtect Data Domain <7.10.1.70 Dell / PowerProtect Data Domain		<7.10.1.70
Dell PowerProtect Data Domain <8.3.1.10 Dell / PowerProtect Data Domain		<8.3.1.10

CVE-2024-26130

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Ansible Automation Platform <2.4 Red Hat / Ansible Automation Platform		<2.4
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Red Hat Satellite 6.15 Red Hat / Satellite	`cpe:/a:redhat:satellite:6.15`	6.15
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Dell PowerProtect Data Domain <8.4.0.0 Dell / PowerProtect Data Domain		<8.4.0.0
Dell PowerProtect Data Domain <7.13.1.40 Dell / PowerProtect Data Domain		<7.13.1.40
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat Enterprise Linux Update Infrastructure 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:update_infrastructure_4`	Update Infrastructure 4
Dell PowerProtect Data Domain <7.10.1.70 Dell / PowerProtect Data Domain		<7.10.1.70
Dell PowerProtect Data Domain <8.3.1.10 Dell / PowerProtect Data Domain		<8.3.1.10

CVE-2024-27306

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Ansible Automation Platform <2.4 Red Hat / Ansible Automation Platform		<2.4
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Red Hat Satellite 6.15 Red Hat / Satellite	`cpe:/a:redhat:satellite:6.15`	6.15
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Dell PowerProtect Data Domain <8.4.0.0 Dell / PowerProtect Data Domain		<8.4.0.0
Dell PowerProtect Data Domain <7.13.1.40 Dell / PowerProtect Data Domain		<7.13.1.40
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat Enterprise Linux Update Infrastructure 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:update_infrastructure_4`	Update Infrastructure 4
Dell PowerProtect Data Domain <7.10.1.70 Dell / PowerProtect Data Domain		<7.10.1.70
Dell PowerProtect Data Domain <8.3.1.10 Dell / PowerProtect Data Domain		<8.3.1.10

CVE-2024-27351

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Ansible Automation Platform <2.4 Red Hat / Ansible Automation Platform		<2.4
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Red Hat Satellite 6.15 Red Hat / Satellite	`cpe:/a:redhat:satellite:6.15`	6.15
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Dell PowerProtect Data Domain <8.4.0.0 Dell / PowerProtect Data Domain		<8.4.0.0
Dell PowerProtect Data Domain <7.13.1.40 Dell / PowerProtect Data Domain		<7.13.1.40
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat Enterprise Linux Update Infrastructure 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:update_infrastructure_4`	Update Infrastructure 4
Dell PowerProtect Data Domain <7.10.1.70 Dell / PowerProtect Data Domain		<7.10.1.70
Dell PowerProtect Data Domain <8.3.1.10 Dell / PowerProtect Data Domain		<8.3.1.10

CVE-2024-28219

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Ansible Automation Platform <2.4 Red Hat / Ansible Automation Platform		<2.4
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Red Hat Satellite 6.15 Red Hat / Satellite	`cpe:/a:redhat:satellite:6.15`	6.15
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Dell PowerProtect Data Domain <8.4.0.0 Dell / PowerProtect Data Domain		<8.4.0.0
Dell PowerProtect Data Domain <7.13.1.40 Dell / PowerProtect Data Domain		<7.13.1.40
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat Enterprise Linux Update Infrastructure 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:update_infrastructure_4`	Update Infrastructure 4
Dell PowerProtect Data Domain <7.10.1.70 Dell / PowerProtect Data Domain		<7.10.1.70
Dell PowerProtect Data Domain <8.3.1.10 Dell / PowerProtect Data Domain		<8.3.1.10

CVE-2024-28849

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Ansible Automation Platform <2.4 Red Hat / Ansible Automation Platform		<2.4
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Red Hat Satellite 6.15 Red Hat / Satellite	`cpe:/a:redhat:satellite:6.15`	6.15
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Dell PowerProtect Data Domain <8.4.0.0 Dell / PowerProtect Data Domain		<8.4.0.0
Dell PowerProtect Data Domain <7.13.1.40 Dell / PowerProtect Data Domain		<7.13.1.40
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat Enterprise Linux Update Infrastructure 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:update_infrastructure_4`	Update Infrastructure 4
Dell PowerProtect Data Domain <7.10.1.70 Dell / PowerProtect Data Domain		<7.10.1.70
Dell PowerProtect Data Domain <8.3.1.10 Dell / PowerProtect Data Domain		<8.3.1.10

CVE-2024-30251

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Ansible Automation Platform <2.4 Red Hat / Ansible Automation Platform		<2.4
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Red Hat Satellite 6.15 Red Hat / Satellite	`cpe:/a:redhat:satellite:6.15`	6.15
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Dell PowerProtect Data Domain <8.4.0.0 Dell / PowerProtect Data Domain		<8.4.0.0
Dell PowerProtect Data Domain <7.13.1.40 Dell / PowerProtect Data Domain		<7.13.1.40
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat Enterprise Linux Update Infrastructure 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:update_infrastructure_4`	Update Infrastructure 4
Dell PowerProtect Data Domain <7.10.1.70 Dell / PowerProtect Data Domain		<7.10.1.70
Dell PowerProtect Data Domain <8.3.1.10 Dell / PowerProtect Data Domain		<8.3.1.10

CVE-2024-32879

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Ansible Automation Platform <2.4 Red Hat / Ansible Automation Platform		<2.4
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Red Hat Satellite 6.15 Red Hat / Satellite	`cpe:/a:redhat:satellite:6.15`	6.15
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Dell PowerProtect Data Domain <8.4.0.0 Dell / PowerProtect Data Domain		<8.4.0.0
Dell PowerProtect Data Domain <7.13.1.40 Dell / PowerProtect Data Domain		<7.13.1.40
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat Enterprise Linux Update Infrastructure 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:update_infrastructure_4`	Update Infrastructure 4
Dell PowerProtect Data Domain <7.10.1.70 Dell / PowerProtect Data Domain		<7.10.1.70
Dell PowerProtect Data Domain <8.3.1.10 Dell / PowerProtect Data Domain		<8.3.1.10

CVE-2024-34064

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Ansible Automation Platform <2.4 Red Hat / Ansible Automation Platform		<2.4
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Red Hat Satellite 6.15 Red Hat / Satellite	`cpe:/a:redhat:satellite:6.15`	6.15
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Dell PowerProtect Data Domain <8.4.0.0 Dell / PowerProtect Data Domain		<8.4.0.0
Dell PowerProtect Data Domain <7.13.1.40 Dell / PowerProtect Data Domain		<7.13.1.40
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat Enterprise Linux Update Infrastructure 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:update_infrastructure_4`	Update Infrastructure 4
Dell PowerProtect Data Domain <7.10.1.70 Dell / PowerProtect Data Domain		<7.10.1.70
Dell PowerProtect Data Domain <8.3.1.10 Dell / PowerProtect Data Domain		<8.3.1.10

CVE-2024-35195

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Ansible Automation Platform <2.4 Red Hat / Ansible Automation Platform		<2.4
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Red Hat Satellite 6.15 Red Hat / Satellite	`cpe:/a:redhat:satellite:6.15`	6.15
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Dell PowerProtect Data Domain <8.4.0.0 Dell / PowerProtect Data Domain		<8.4.0.0
Dell PowerProtect Data Domain <7.13.1.40 Dell / PowerProtect Data Domain		<7.13.1.40
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat Enterprise Linux Update Infrastructure 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:update_infrastructure_4`	Update Infrastructure 4
Dell PowerProtect Data Domain <7.10.1.70 Dell / PowerProtect Data Domain		<7.10.1.70
Dell PowerProtect Data Domain <8.3.1.10 Dell / PowerProtect Data Domain		<8.3.1.10

CVE-2024-3651

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Ansible Automation Platform <2.4 Red Hat / Ansible Automation Platform		<2.4
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Red Hat Satellite 6.15 Red Hat / Satellite	`cpe:/a:redhat:satellite:6.15`	6.15
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Dell PowerProtect Data Domain <8.4.0.0 Dell / PowerProtect Data Domain		<8.4.0.0
Dell PowerProtect Data Domain <7.13.1.40 Dell / PowerProtect Data Domain		<7.13.1.40
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat Enterprise Linux Update Infrastructure 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:update_infrastructure_4`	Update Infrastructure 4
Dell PowerProtect Data Domain <7.10.1.70 Dell / PowerProtect Data Domain		<7.10.1.70
Dell PowerProtect Data Domain <8.3.1.10 Dell / PowerProtect Data Domain		<8.3.1.10

CVE-2024-3772

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Ansible Automation Platform <2.4 Red Hat / Ansible Automation Platform		<2.4
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Red Hat Satellite 6.15 Red Hat / Satellite	`cpe:/a:redhat:satellite:6.15`	6.15
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Dell PowerProtect Data Domain <8.4.0.0 Dell / PowerProtect Data Domain		<8.4.0.0
Dell PowerProtect Data Domain <7.13.1.40 Dell / PowerProtect Data Domain		<7.13.1.40
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat Enterprise Linux Update Infrastructure 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:update_infrastructure_4`	Update Infrastructure 4
Dell PowerProtect Data Domain <7.10.1.70 Dell / PowerProtect Data Domain		<7.10.1.70
Dell PowerProtect Data Domain <8.3.1.10 Dell / PowerProtect Data Domain		<8.3.1.10

CVE-2024-4340

Affected products

Known affected 15 products

Product	Identifier	Version
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat Ansible Automation Platform <2.4 Red Hat / Ansible Automation Platform		<2.4
Gentoo Linux Gentoo	`cpe:/o:gentoo:linux:-`	—
Red Hat Satellite 6.15 Red Hat / Satellite	`cpe:/a:redhat:satellite:6.15`	6.15
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Dell PowerProtect Data Domain <8.4.0.0 Dell / PowerProtect Data Domain		<8.4.0.0
Dell PowerProtect Data Domain <7.13.1.40 Dell / PowerProtect Data Domain		<7.13.1.40
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat Enterprise Linux Update Infrastructure 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:update_infrastructure_4`	Update Infrastructure 4
Dell PowerProtect Data Domain <7.10.1.70 Dell / PowerProtect Data Domain		<7.10.1.70
Dell PowerProtect Data Domain <8.3.1.10 Dell / PowerProtect Data Domain		<8.3.1.10

References

47 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://access.redhat.com/errata/RHSA-2024:3781	external
https://access.redhat.com/errata/RHSA-2024:3820	external
https://access.redhat.com/errata/RHSA-2024:3713	external
https://access.redhat.com/errata/RHSA-2024:3811	external
https://access.redhat.com/errata/RHSA-2024:3795	external
https://linux.oracle.com/errata/ELSA-2024-3820.html	external
https://bodhi.fedoraproject.org/updates/FEDORA-EP…	external
https://errata.build.resf.org/RLSA-2024:3820	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://alas.aws.amazon.com/AL2023/ALAS-2024-644.html	external
https://alas.aws.amazon.com/AL2023/ALAS-2024-645.html	external
https://access.redhat.com/errata/RHSA-2024:4231	external
https://access.redhat.com/errata/RHSA-2024:4227	external
https://linux.oracle.com/errata/ELSA-2024-4227.html	external
https://linux.oracle.com/errata/ELSA-2024-4231.html	external
https://access.redhat.com/errata/RHSA-2024:4404	external
https://access.redhat.com/errata/RHSA-2024:4414	external
https://access.redhat.com/errata/RHSA-2024:4427	external
https://access.redhat.com/errata/RHSA-2024:4522	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://errata.build.resf.org/RLSA-2024:4227	external
https://errata.build.resf.org/RLSA-2024:4231	external
https://access.redhat.com/errata/RHSA-2024:4616	external
https://access.redhat.com/errata/RHSA-2024:4958	external
https://security.gentoo.org/glsa/202408-11	external
https://access.redhat.com/errata/RHSA-2024:5107	external
https://access.redhat.com/errata/RHSA-2024:5662	external
https://access.redhat.com/errata/RHSA-2024:6428	external
https://alas.aws.amazon.com/AL2/ALAS-2024-2654.html	external
https://www.ibm.com/support/pages/node/7174016	external
https://access.redhat.com/errata/RHSA-2024:9150	external
https://access.redhat.com/errata/RHSA-2024:9988	external
https://access.redhat.com/errata/RHSA-2024:9984	external
https://access.redhat.com/errata/RHSA-2024:9986	external
https://security-tracker.debian.org/tracker/DSA-5828-1	external
https://lists.debian.org/debian-lts-announce/2024…	external
https://lists.opensuse.org/archives/list/security…	external
https://errata.build.resf.org/RLSA-2025:0012	external
https://access.redhat.com/errata/RHSA-2025:1335	external
https://alas.aws.amazon.com/AL2/ALAS-2025-2868.html	external
https://www.dell.com/support/kbdoc/000376224	external
https://bodhi.fedoraproject.org/updates/FEDORA-20…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Red Hat Ansible Automation Platform ist eine End-to-End-Automatisierungsplattform f\u00fcr die Systemkonfiguration, die Softwarebereitstellung und die Orchestrierung erweiterter Workflows.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Red Hat Ansible Automation Platform ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial-of-Service-Zustand erzeugen, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, Dateien zu manipulieren oder Cross-Site-Scripting (XSS)-Angriffe durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1328 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1328.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1328 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1328"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisory vom 2024-06-10",
        "url": "https://access.redhat.com/errata/RHSA-2024:3781"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3820 vom 2024-06-11",
        "url": "https://access.redhat.com/errata/RHSA-2024:3820"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3713 vom 2024-06-12",
        "url": "https://access.redhat.com/errata/RHSA-2024:3713"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3811 vom 2024-06-11",
        "url": "https://access.redhat.com/errata/RHSA-2024:3811"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3795 vom 2024-06-11",
        "url": "https://access.redhat.com/errata/RHSA-2024:3795"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-3820 vom 2024-06-12",
        "url": "https://linux.oracle.com/errata/ELSA-2024-3820.html"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-EPEL-2024-F52B6219CA vom 2024-06-13",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-f52b6219ca"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2024:3820 vom 2024-06-14",
        "url": "https://errata.build.resf.org/RLSA-2024:3820"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2068-1 vom 2024-06-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018734.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2182-1 vom 2024-06-24",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018806.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2024-644 vom 2024-07-02",
        "url": "https://alas.aws.amazon.com/AL2023/ALAS-2024-644.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2024-645 vom 2024-07-02",
        "url": "https://alas.aws.amazon.com/AL2023/ALAS-2024-645.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4231 vom 2024-07-03",
        "url": "https://access.redhat.com/errata/RHSA-2024:4231"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4227 vom 2024-07-03",
        "url": "https://access.redhat.com/errata/RHSA-2024:4227"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-4227 vom 2024-07-03",
        "url": "https://linux.oracle.com/errata/ELSA-2024-4227.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-4231 vom 2024-07-03",
        "url": "https://linux.oracle.com/errata/ELSA-2024-4231.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4404 vom 2024-07-09",
        "url": "https://access.redhat.com/errata/RHSA-2024:4404"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4414 vom 2024-07-09",
        "url": "https://access.redhat.com/errata/RHSA-2024:4414"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4427 vom 2024-07-09",
        "url": "https://access.redhat.com/errata/RHSA-2024:4427"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4522 vom 2024-07-12",
        "url": "https://access.redhat.com/errata/RHSA-2024:4522"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2481-1 vom 2024-07-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018968.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2481-1 vom 2024-07-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018973.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2481-1 vom 2024-07-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018969.html"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2024:4227 vom 2024-07-15",
        "url": "https://errata.build.resf.org/RLSA-2024:4227"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2024:4231 vom 2024-07-15",
        "url": "https://errata.build.resf.org/RLSA-2024:4231"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4616 vom 2024-07-25",
        "url": "https://access.redhat.com/errata/RHSA-2024:4616"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4958 vom 2024-08-07",
        "url": "https://access.redhat.com/errata/RHSA-2024:4958"
      },
      {
        "category": "external",
        "summary": "Gentoo Linux Security Advisory GLSA-202408-11 vom 2024-08-07",
        "url": "https://security.gentoo.org/glsa/202408-11"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:5107 vom 2024-08-13",
        "url": "https://access.redhat.com/errata/RHSA-2024:5107"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:5662 vom 2024-08-21",
        "url": "https://access.redhat.com/errata/RHSA-2024:5662"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:6428 vom 2024-09-05",
        "url": "https://access.redhat.com/errata/RHSA-2024:6428"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2024-2654 vom 2024-10-16",
        "url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2654.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7174016 vom 2024-10-24",
        "url": "https://www.ibm.com/support/pages/node/7174016"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:9150 vom 2024-11-12",
        "url": "https://access.redhat.com/errata/RHSA-2024:9150"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:9988 vom 2024-11-21",
        "url": "https://access.redhat.com/errata/RHSA-2024:9988"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:9984 vom 2024-11-21",
        "url": "https://access.redhat.com/errata/RHSA-2024:9984"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:9986 vom 2024-11-21",
        "url": "https://access.redhat.com/errata/RHSA-2024:9986"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5828 vom 2024-12-12",
        "url": "https://security-tracker.debian.org/tracker/DSA-5828-1"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4000 vom 2024-12-21",
        "url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00022.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4396-1 vom 2024-12-20",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/2G4X2TXZZR4PJJZP65T5QITC24ZVDLNL/"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2025:0012 vom 2025-01-08",
        "url": "https://errata.build.resf.org/RLSA-2025:0012"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1335 vom 2025-02-12",
        "url": "https://access.redhat.com/errata/RHSA-2025:1335"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2025-2868 vom 2025-05-29",
        "url": "https://alas.aws.amazon.com/AL2/ALAS-2025-2868.html"
      },
      {
        "category": "external",
        "summary": "Dell Security Update vom 2025-10-02",
        "url": "https://www.dell.com/support/kbdoc/000376224"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2025-D2D3A5FA79 vom 2025-10-18",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-d2d3a5fa79"
      }
    ],
    "source_lang": "en-US",
    "title": "Red Hat Ansible Automation Platform: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-10-19T22:00:00.000+00:00",
      "generator": {
        "date": "2025-10-20T08:43:57.291+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.4.0"
        }
      },
      "id": "WID-SEC-W-2024-1328",
      "initial_release_date": "2024-06-10T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-06-10T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-06-11T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-06-13T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Fedora aufgenommen"
        },
        {
          "date": "2024-06-16T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
        },
        {
          "date": "2024-06-18T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-06-24T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-07-01T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2024-07-02T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
        },
        {
          "date": "2024-07-03T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-07-09T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-07-11T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-07-15T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von SUSE und Rocky Enterprise Software Foundation aufgenommen"
        },
        {
          "date": "2024-07-24T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-08-06T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-08-07T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Gentoo aufgenommen"
        },
        {
          "date": "2024-08-13T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-08-20T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-09-05T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-10-16T22:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2024-10-24T22:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-11-11T23:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-11-20T23:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-12-11T23:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-12-22T23:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von Debian und SUSE aufgenommen"
        },
        {
          "date": "2025-01-07T23:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
        },
        {
          "date": "2025-02-11T23:00:00.000+00:00",
          "number": "26",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-05-29T22:00:00.000+00:00",
          "number": "27",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2025-10-01T22:00:00.000+00:00",
          "number": "28",
          "summary": "Neue Updates von Dell aufgenommen"
        },
        {
          "date": "2025-10-19T22:00:00.000+00:00",
          "number": "29",
          "summary": "Neue Updates von Fedora aufgenommen"
        }
      ],
      "status": "final",
      "version": "29"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c8.4.0.0",
                "product": {
                  "name": "Dell PowerProtect Data Domain \u003c8.4.0.0",
                  "product_id": "T045879"
                }
              },
              {
                "category": "product_version",
                "name": "8.4.0.0",
                "product": {
                  "name": "Dell PowerProtect Data Domain 8.4.0.0",
                  "product_id": "T045879-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:powerprotect_data_domain:8.4.0.0"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.10.1.70",
                "product": {
                  "name": "Dell PowerProtect Data Domain \u003c7.10.1.70",
                  "product_id": "T045881"
                }
              },
              {
                "category": "product_version",
                "name": "7.10.1.70",
                "product": {
                  "name": "Dell PowerProtect Data Domain 7.10.1.70",
                  "product_id": "T045881-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:powerprotect_data_domain:7.10.1.70"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.13.1.40",
                "product": {
                  "name": "Dell PowerProtect Data Domain \u003c7.13.1.40",
                  "product_id": "T047343"
                }
              },
              {
                "category": "product_version",
                "name": "7.13.1.40",
                "product": {
                  "name": "Dell PowerProtect Data Domain 7.13.1.40",
                  "product_id": "T047343-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:powerprotect_data_domain:7.13.1.40"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c8.3.1.10",
                "product": {
                  "name": "Dell PowerProtect Data Domain \u003c8.3.1.10",
                  "product_id": "T047344"
                }
              },
              {
                "category": "product_version",
                "name": "8.3.1.10",
                "product": {
                  "name": "Dell PowerProtect Data Domain 8.3.1.10",
                  "product_id": "T047344-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:powerprotect_data_domain:8.3.1.10"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "PowerProtect Data Domain"
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Fedora Linux",
            "product": {
              "name": "Fedora Linux",
              "product_id": "74185",
              "product_identification_helper": {
                "cpe": "cpe:/o:fedoraproject:fedora:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Fedora"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Gentoo Linux",
            "product": {
              "name": "Gentoo Linux",
              "product_id": "T012167",
              "product_identification_helper": {
                "cpe": "cpe:/o:gentoo:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Gentoo"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "RESF Rocky Linux",
            "product": {
              "name": "RESF Rocky Linux",
              "product_id": "T032255",
              "product_identification_helper": {
                "cpe": "cpe:/o:resf:rocky_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "RESF"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c2.4",
                "product": {
                  "name": "Red Hat Ansible Automation Platform \u003c2.4",
                  "product_id": "T035285"
                }
              },
              {
                "category": "product_version",
                "name": "2.4",
                "product": {
                  "name": "Red Hat Ansible Automation Platform 2.4",
                  "product_id": "T035285-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:ansible_automation_platform:2.4"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Ansible Automation Platform"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux",
                "product": {
                  "name": "Red Hat Enterprise Linux",
                  "product_id": "67646",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:-"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Update Infrastructure 4",
                "product": {
                  "name": "Red Hat Enterprise Linux Update Infrastructure 4",
                  "product_id": "T041113",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:update_infrastructure_4"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "6.15",
                "product": {
                  "name": "Red Hat Satellite 6.15",
                  "product_id": "T034360",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:satellite:6.15"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Satellite"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-45288",
      "product_status": {
        "known_affected": [
          "67646",
          "T035285",
          "T012167",
          "T034360",
          "T004914",
          "T032255",
          "74185",
          "2951",
          "T002207",
          "T045879",
          "T047343",
          "398363",
          "T041113",
          "T045881",
          "T047344"
        ]
      },
      "release_date": "2024-06-10T22:00:00.000+00:00",
      "title": "CVE-2023-45288"
    },
    {
      "cve": "CVE-2023-45290",
      "product_status": {
        "known_affected": [
          "67646",
          "T035285",
          "T012167",
          "T034360",
          "T004914",
          "T032255",
          "74185",
          "2951",
          "T002207",
          "T045879",
          "T047343",
          "398363",
          "T041113",
          "T045881",
          "T047344"
        ]
      },
      "release_date": "2024-06-10T22:00:00.000+00:00",
      "title": "CVE-2023-45290"
    },
    {
      "cve": "CVE-2023-49083",
      "product_status": {
        "known_affected": [
          "67646",
          "T035285",
          "T012167",
          "T034360",
          "T004914",
          "T032255",
          "74185",
          "2951",
          "T002207",
          "T045879",
          "T047343",
          "398363",
          "T041113",
          "T045881",
          "T047344"
        ]
      },
      "release_date": "2024-06-10T22:00:00.000+00:00",
      "title": "CVE-2023-49083"
    },
    {
      "cve": "CVE-2023-50447",
      "product_status": {
        "known_affected": [
          "67646",
          "T035285",
          "T012167",
          "T034360",
          "T004914",
          "T032255",
          "74185",
          "2951",
          "T002207",
          "T045879",
          "T047343",
          "398363",
          "T041113",
          "T045881",
          "T047344"
        ]
      },
      "release_date": "2024-06-10T22:00:00.000+00:00",
      "title": "CVE-2023-50447"
    },
    {
      "cve": "CVE-2023-5752",
      "product_status": {
        "known_affected": [
          "67646",
          "T035285",
          "T012167",
          "T034360",
          "T004914",
          "T032255",
          "74185",
          "2951",
          "T002207",
          "T045879",
          "T047343",
          "398363",
          "T041113",
          "T045881",
          "T047344"
        ]
      },
      "release_date": "2024-06-10T22:00:00.000+00:00",
      "title": "CVE-2023-5752"
    },
    {
      "cve": "CVE-2024-1135",
      "product_status": {
        "known_affected": [
          "67646",
          "T035285",
          "T012167",
          "T034360",
          "T004914",
          "T032255",
          "74185",
          "2951",
          "T002207",
          "T045879",
          "T047343",
          "398363",
          "T041113",
          "T045881",
          "T047344"
        ]
      },
      "release_date": "2024-06-10T22:00:00.000+00:00",
      "title": "CVE-2024-1135"
    },
    {
      "cve": "CVE-2024-21503",
      "product_status": {
        "known_affected": [
          "67646",
          "T035285",
          "T012167",
          "T034360",
          "T004914",
          "T032255",
          "74185",
          "2951",
          "T002207",
          "T045879",
          "T047343",
          "398363",
          "T041113",
          "T045881",
          "T047344"
        ]
      },
      "release_date": "2024-06-10T22:00:00.000+00:00",
      "title": "CVE-2024-21503"
    },
    {
      "cve": "CVE-2024-24783",
      "product_status": {
        "known_affected": [
          "67646",
          "T035285",
          "T012167",
          "T034360",
          "T004914",
          "T032255",
          "74185",
          "2951",
          "T002207",
          "T045879",
          "T047343",
          "398363",
          "T041113",
          "T045881",
          "T047344"
        ]
      },
      "release_date": "2024-06-10T22:00:00.000+00:00",
      "title": "CVE-2024-24783"
    },
    {
      "cve": "CVE-2024-26130",
      "product_status": {
        "known_affected": [
          "67646",
          "T035285",
          "T012167",
          "T034360",
          "T004914",
          "T032255",
          "74185",
          "2951",
          "T002207",
          "T045879",
          "T047343",
          "398363",
          "T041113",
          "T045881",
          "T047344"
        ]
      },
      "release_date": "2024-06-10T22:00:00.000+00:00",
      "title": "CVE-2024-26130"
    },
    {
      "cve": "CVE-2024-27306",
      "product_status": {
        "known_affected": [
          "67646",
          "T035285",
          "T012167",
          "T034360",
          "T004914",
          "T032255",
          "74185",
          "2951",
          "T002207",
          "T045879",
          "T047343",
          "398363",
          "T041113",
          "T045881",
          "T047344"
        ]
      },
      "release_date": "2024-06-10T22:00:00.000+00:00",
      "title": "CVE-2024-27306"
    },
    {
      "cve": "CVE-2024-27351",
      "product_status": {
        "known_affected": [
          "67646",
          "T035285",
          "T012167",
          "T034360",
          "T004914",
          "T032255",
          "74185",
          "2951",
          "T002207",
          "T045879",
          "T047343",
          "398363",
          "T041113",
          "T045881",
          "T047344"
        ]
      },
      "release_date": "2024-06-10T22:00:00.000+00:00",
      "title": "CVE-2024-27351"
    },
    {
      "cve": "CVE-2024-28219",
      "product_status": {
        "known_affected": [
          "67646",
          "T035285",
          "T012167",
          "T034360",
          "T004914",
          "T032255",
          "74185",
          "2951",
          "T002207",
          "T045879",
          "T047343",
          "398363",
          "T041113",
          "T045881",
          "T047344"
        ]
      },
      "release_date": "2024-06-10T22:00:00.000+00:00",
      "title": "CVE-2024-28219"
    },
    {
      "cve": "CVE-2024-28849",
      "product_status": {
        "known_affected": [
          "67646",
          "T035285",
          "T012167",
          "T034360",
          "T004914",
          "T032255",
          "74185",
          "2951",
          "T002207",
          "T045879",
          "T047343",
          "398363",
          "T041113",
          "T045881",
          "T047344"
        ]
      },
      "release_date": "2024-06-10T22:00:00.000+00:00",
      "title": "CVE-2024-28849"
    },
    {
      "cve": "CVE-2024-30251",
      "product_status": {
        "known_affected": [
          "67646",
          "T035285",
          "T012167",
          "T034360",
          "T004914",
          "T032255",
          "74185",
          "2951",
          "T002207",
          "T045879",
          "T047343",
          "398363",
          "T041113",
          "T045881",
          "T047344"
        ]
      },
      "release_date": "2024-06-10T22:00:00.000+00:00",
      "title": "CVE-2024-30251"
    },
    {
      "cve": "CVE-2024-32879",
      "product_status": {
        "known_affected": [
          "67646",
          "T035285",
          "T012167",
          "T034360",
          "T004914",
          "T032255",
          "74185",
          "2951",
          "T002207",
          "T045879",
          "T047343",
          "398363",
          "T041113",
          "T045881",
          "T047344"
        ]
      },
      "release_date": "2024-06-10T22:00:00.000+00:00",
      "title": "CVE-2024-32879"
    },
    {
      "cve": "CVE-2024-34064",
      "product_status": {
        "known_affected": [
          "67646",
          "T035285",
          "T012167",
          "T034360",
          "T004914",
          "T032255",
          "74185",
          "2951",
          "T002207",
          "T045879",
          "T047343",
          "398363",
          "T041113",
          "T045881",
          "T047344"
        ]
      },
      "release_date": "2024-06-10T22:00:00.000+00:00",
      "title": "CVE-2024-34064"
    },
    {
      "cve": "CVE-2024-35195",
      "product_status": {
        "known_affected": [
          "67646",
          "T035285",
          "T012167",
          "T034360",
          "T004914",
          "T032255",
          "74185",
          "2951",
          "T002207",
          "T045879",
          "T047343",
          "398363",
          "T041113",
          "T045881",
          "T047344"
        ]
      },
      "release_date": "2024-06-10T22:00:00.000+00:00",
      "title": "CVE-2024-35195"
    },
    {
      "cve": "CVE-2024-3651",
      "product_status": {
        "known_affected": [
          "67646",
          "T035285",
          "T012167",
          "T034360",
          "T004914",
          "T032255",
          "74185",
          "2951",
          "T002207",
          "T045879",
          "T047343",
          "398363",
          "T041113",
          "T045881",
          "T047344"
        ]
      },
      "release_date": "2024-06-10T22:00:00.000+00:00",
      "title": "CVE-2024-3651"
    },
    {
      "cve": "CVE-2024-3772",
      "product_status": {
        "known_affected": [
          "67646",
          "T035285",
          "T012167",
          "T034360",
          "T004914",
          "T032255",
          "74185",
          "2951",
          "T002207",
          "T045879",
          "T047343",
          "398363",
          "T041113",
          "T045881",
          "T047344"
        ]
      },
      "release_date": "2024-06-10T22:00:00.000+00:00",
      "title": "CVE-2024-3772"
    },
    {
      "cve": "CVE-2024-4340",
      "product_status": {
        "known_affected": [
          "67646",
          "T035285",
          "T012167",
          "T034360",
          "T004914",
          "T032255",
          "74185",
          "2951",
          "T002207",
          "T045879",
          "T047343",
          "398363",
          "T041113",
          "T045881",
          "T047344"
        ]
      },
      "release_date": "2024-06-10T22:00:00.000+00:00",
      "title": "CVE-2024-4340"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-21503 (GCVE-0-2024-21503)

WID-SEC-W-2024-1328

Tags

Sightings

Nomenclature